Overview

URL: helios.vn/98jh6d5/89hg56fd.exe
IP: 112.213.86.143 (Vietnam)
ASN: #45544 SUPERDATA
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-27 11:56:07 UTC
IDS alerts: 0
Blocklist alert: 3
urlquery alerts: No alerts detected
Tags: None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.pki.goog (11) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-27 05:33:29 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (10) 867 2020-06-04 20:08:41 UTC 2022-11-27 05:29:56 UTC 34.102.187.140
helios.vn (62) 0 2015-11-08 23:37:39 UTC 2022-11-25 13:31:57 UTC 112.213.86.143 Unknown ranking
detectportal.firefox.com (1) 1601 2018-08-30 09:52:03 UTC 2020-04-29 19:46:30 UTC 34.107.221.82
shavar.services.mozilla.com (1) 3602 2015-09-28 06:30:01 UTC 2020-05-04 00:48:21 UTC 35.82.2.166
getpocket.cdn.mozilla.net (1) 1369 2018-08-28 13:15:36 UTC 2020-03-21 16:37:27 UTC 34.120.5.221
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-27 06:32:27 UTC 142.250.74.168
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-27 05:34:18 UTC 142.250.74.10
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.191.210.155
content-signature-2.cdn.mozilla.net (2) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-27 05:29:57 UTC 34.117.237.239
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-27 2 helios.vn/98jh6d5/89hg56fd.exe Malware
2022-11-27 2 helios.vn/assets/css/style.css?v=1653965503 Malware
2022-11-27 2 helios.vn/98jh6d5/89hg56fd.exe Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 112.213.86.143
Date UQ / IDS / BL URL IP
2022-12-06 11:33:22 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-12-05 17:15:01 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-11-28 03:53:08 +0000 0 - 0 - 3 helios.vn/ 112.213.86.143
2022-11-27 11:56:07 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-11-27 11:55:22 +0000 0 - 0 - 4 www.helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143


Last 5 reports on ASN: SUPERDATA
Date UQ / IDS / BL URL IP
2023-02-06 13:56:16 +0000 0 - 3 - 0 saamjulie.asia/ 112.213.89.38
2023-02-05 16:03:02 +0000 0 - 1 - 0 tachicoffee.com/wp-content/download/File.zip? (...) 103.77.162.8
2023-02-04 11:19:01 +0000 0 - 0 - 2 vietcredit.click/login 27.0.15.60
2023-02-01 19:23:24 +0000 0 - 0 - 1 chithanhplastics.com/uploads/userfiles/file/n (...) 103.1.237.27
2023-02-01 18:47:15 +0000 0 - 2 - 0 ebnbestprice.com/ 103.77.162.20


Last 5 reports on domain: helios.vn
Date UQ / IDS / BL URL IP
2022-12-06 11:33:22 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-12-05 17:15:01 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-11-28 03:53:08 +0000 0 - 0 - 3 helios.vn/ 112.213.86.143
2022-11-27 11:56:07 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-11-27 11:55:22 +0000 0 - 0 - 4 www.helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143


Last 4 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-06 11:33:22 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-12-05 17:15:01 +0000 0 - 0 - 3 helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143
2022-11-28 03:53:08 +0000 0 - 0 - 3 helios.vn/ 112.213.86.143
2022-11-27 11:55:22 +0000 0 - 0 - 4 www.helios.vn/98jh6d5/89hg56fd.exe 112.213.86.143

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (112)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8C5C9231BED3272D5D286FC999E920F1BEFEC2568BF6504CBF61EA57EA1C069B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10032
Expires: Sun, 27 Nov 2022 14:42:58 GMT
Date: Sun, 27 Nov 2022 11:55:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9091
Expires: Sun, 27 Nov 2022 14:27:17 GMT
Date: Sun, 27 Nov 2022 11:55:46 GMT
Connection: keep-alive

                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: heo0FomGzwXj_f0CkZ7B0OW7BlIqLxTAvRg7cLO3IyGNoCG231dOcQ==
content-encoding: gzip
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 11:49:05 GMT
content-length: 43931
age: 401
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   43931
Md5:    97aa9b73781b797c5ad85b0065e2e137
Sha1:   ab6152f902e96539102199be8feed5b41615c8b7
Sha256: 53638a6d8a64bf7cb54f175bf629cfd26a741ee38de712f11990d5bcfa304ac6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8983
Expires: Sun, 27 Nov 2022 14:25:29 GMT
Date: Sun, 27 Nov 2022 11:55:46 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ZCN0B6hw6Xs9j5QsNuE1FZJK6wgO1D16wr9GcZ3iURzR1TZPS1ynzw+yDh7PzoLJKIE3Zwv/XHI=
x-amz-request-id: RN851BDBK4F56BM1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 11:25:38 GMT
age: 1808
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5225
Cache-Control: max-age=86547
Date: Sun, 27 Nov 2022 11:55:46 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:58:13 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 27 Nov 2022 11:55:46 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 11:19:21 GMT
cache-control: public,max-age=3600
age: 2185
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /98jh6d5/89hg56fd.exe HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         112.213.86.143
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 27 Nov 2022 11:56:45 GMT
Server: Apache/2
Location: https://helios.vn/98jh6d5/89hg56fd.exe
Content-Length: 246
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   246
Md5:    0becde814664e620fd5ba5670b624109
Sha1:   d6ec1edd2bb53b0747002e3a143baa6da9ba2e50
Sha256: 5991f0df4e67752e3245b1ca06d5793827e893117aad2ed398f74011ef83d4a9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4417
Cache-Control: max-age=112383
Date: Sun, 27 Nov 2022 11:55:47 GMT
Etag: "63825301-1d7"
Expires: Mon, 28 Nov 2022 19:08:50 GMT
Last-Modified: Sat, 26 Nov 2022 17:55:13 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sun, 27 Nov 2022 02:59:55 GMT
Age: 32152
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 
Host: shavar.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

                                         35.82.2.166
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Sun, 27 Nov 2022 11:55:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    29fc57841962e407cb50c1be60284bf7
Sha1:   ce968a77e2996da5eee8925182318f171ccdce47
Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4330
Cache-Control: max-age=166995
Date: Sun, 27 Nov 2022 11:55:47 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:19:02 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 11:11:12 GMT
cache-control: public,max-age=3600
age: 2675
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RaepyQ8K8x8iwSKFIaN4/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.191.210.155
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: M/nHJYhbhLAlDP9jYsZU3KIGccE=

                                        
                                            GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221669539434491%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Sun, 27 Nov 2022 11:02:18 GMT
cache-control: public,max-age=3600
age: 3209
last-modified: Sun, 27 Nov 2022 08:57:14 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size:   21675
Md5:    7e008998b08b0a6652fa2af7372a3d3f
Sha1:   099155f86e7529b35b8f2d6c42708a5bb7a9c60d
Sha256: 8eda5da64b97e51c0f09592143ba29f2a75c0058cd3a0ee29308080649796614
                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6593
via: 1.1 google
date: Sun, 27 Nov 2022 11:18:39 GMT
cache-control: public,max-age=3600
age: 2228
last-modified: Mon, 21 Nov 2022 18:37:18 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6593), with no line terminators
Size:   6593
Md5:    173414a662e4d0d6c29b893819284fcc
Sha1:   e7823586afc7d40c1ffd732e3f0f98d22f9cb6b6
Sha256: 28a589a49cbca81692eb7cc6bb2725f5d56b11238143a58c97f33260a81eb750
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: p8kDTHkUpUZvNsY3YCDKkdQQLM487LarxkSfKncCPRY5I5vrb6ft9stbylez5iXY8oF81grPph8=
x-amz-request-id: VFYQ4F9R1D91QDBN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 11:41:37 GMT
age: 850
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:48 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 07:43:15 GMT
Expires: Fri, 02 Dec 2022 07:43:14 GMT
Etag: "d0fbd136de948aee49113b8e721f02016e69b92f"
Cache-Control: max-age=416246,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770aad466ee9b4ee-OSL

                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669390557029&_since=%221666483264567%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51208
via: 1.1 google
date: Sun, 27 Nov 2022 11:53:06 GMT
cache-control: public,max-age=3600
age: 162
last-modified: Fri, 25 Nov 2022 15:35:57 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (51208), with no line terminators
Size:   51208
Md5:    21b6a1c29930dd71addd901f726cce7d
Sha1:   fb0e9b091e6f6f41bbf72a4857653745b9f7ddba
Sha256: 7f75908497bee301b1803d7ec5a6ca5301de05da4c89832be9ab6e4f5e4884df
                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669315595212&_since=%221666279968541%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 27155
via: 1.1 google
date: Sun, 27 Nov 2022 11:31:47 GMT
cache-control: public,max-age=3600
age: 1441
last-modified: Thu, 24 Nov 2022 18:46:35 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27155), with no line terminators
Size:   27155
Md5:    ac619cf3864a0cc124ef2d8917355b2c
Sha1:   e7deb60297e8951331382468d8ad9b1804e51139
Sha256: 5c5aad45a1d663bbb00d9021e9920bfa636f15fd04fbf35fd58bffc22ef865aa
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Sun, 27 Nov 2022 11:08:09 GMT
cache-control: public,max-age=3600
age: 2859
last-modified: Mon, 31 Oct 2022 17:42:02 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Size:   1719
Md5:    673c0c8594251318f6ddab69439200f0
Sha1:   dfdfdbaa6ea4d5e1f2b58917573fa74c84b73f96
Sha256: 26808cb3b91051a2e383451dad0b069836788756c6a97faba58fc23d11a88477
                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1482
via: 1.1 google
date: Sun, 27 Nov 2022 11:51:33 GMT
cache-control: public,max-age=3600
age: 255
last-modified: Wed, 16 Nov 2022 14:02:20 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1482), with no line terminators
Size:   1482
Md5:    151df207a4786253007ead8264c7a9fe
Sha1:   ef39481d3f610c25b27836fb375e24ac0f3c6b47
Sha256: 352e05fd634451861f76ed1790e01b4f9f8d8fe3993464263f846ada17eb343e
                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Sun, 27 Nov 2022 11:11:53 GMT
cache-control: public,max-age=3600
last-modified: Sun, 20 Nov 2022 16:36:52 GMT
etag: "1668962212585"
age: 2635
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Size:   681
Md5:    eaee4fcc2a30b5cb65768e7228765063
Sha1:   a618faa6e4c7c412584de1dbc760a8067e32b7d7
Sha256: 20565fc5642a0bc063da8706ee310dd2512ee2a096a39976c34056a13a2bc2f6
                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Sun, 27 Nov 2022 11:31:08 GMT
cache-control: public,max-age=3600
age: 1480
last-modified: Thu, 27 Oct 2022 18:14:21 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Size:   1506
Md5:    202f8030219491c4a368c475aaa98861
Sha1:   b3f7120107465db6e1eb7a21efb451253a30e31e
Sha256: 379786244e20b5c0d5ed80b9f3c03e9a964615c7df36764c9d96528290754de4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 11:55:49 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 50648
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5099
Md5:    433875a1b1fef34e45f2d8ac344c07e3
Sha1:   f2129466436cbbdd58abe42a47fb7af19eba58e6
Sha256: ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:52:26 GMT
age: 50603
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8254
Md5:    6ee5071a31d351c552aa651e40b16189
Sha1:   6fca9136030ea6f67be44e428ea39c34ff3e28e7
Sha256: 8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 50652
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2944
x-amzn-requestid: 8f1b2573-39ab-442e-8c6e-97538a28aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWXXEjJIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813762-52f27ff536b0c3b84bdfba8e;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:45:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hy8v_azPZzuVRv1VN61DoNWbfA83JPs4JcZfRyLo3j6HCtWv_gkNw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:04:40 GMT
age: 49869
etag: "139f48ea60880efc6d2977f4d3141809f22adfef"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2944
Md5:    5c135ab961de12d926b94f9abae8adbe
Sha1:   139f48ea60880efc6d2977f4d3141809f22adfef
Sha256: 1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 50648
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaab9de7-1f50-401c-bd84-6bcd72fb53d1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8335
x-amzn-requestid: 265466c8-029d-4738-bdbe-be0a161fb497
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOeD0GwYIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638276e5-1c8225cf00057ce0047f74ba;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 20:28:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TK_kNT9Vcv_lNMbiTqXxAYXCko2Gy64Oy9MGXwuBu9S_3DdqIc67Nw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:54:52 GMT
age: 50457
etag: "b298107232e837ccf8d853e6d2c91f67e74dc2ba"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8335
Md5:    c52c26038ed572c870cf2119865907b1
Sha1:   b298107232e837ccf8d853e6d2c91f67e74dc2ba
Sha256: d95471f66cf6404bfb5400c4c707fbb81bcaf4be1518313d3f513c9b2a3da1fd
                                        
                                            GET /gtag/js?id=UA-217402381-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 11:55:49 GMT
expires: Sun, 27 Nov 2022 11:55:49 GMT
cache-control: private, max-age=900
last-modified: Sun, 27 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43747
Md5:    a746c6a3dc44dee231838066297dc0af
Sha1:   cf93bc790566ba65d8e4aa11314048a5837bf7b2
Sha256: e0087f6a8cf30abae548923c5a94707db6794546444d96ab81afdd16a83a6fee
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/css/style.css?v=1653965503 HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Tue, 31 May 2022 02:51:43 GMT
etag: "10fe6-5e045da514e00-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 11549
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   11549
Md5:    013399045c38c96ed52efd9366a6a1ac
Sha1:   cbb0a422786da354dbba756427105b18c49c6ef6
Sha256: 481afd6bc92980d6bcefb08fd7b7c29cdf8dc9cdcfb32168da2061d56e344fce

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/css/all.css HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:41:14 GMT
etag: "28bb3-5d41caae47c46-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22232
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Size:   22232
Md5:    2e9866bbeede6771a6939e7355962921
Sha1:   183718f00ab7bf237495fe8ee6d52ddb73dfd6e3
Sha256: ad9bf608a2686bcf6865f4d01b406c8c537569b9c6c42335e10c83e320274edc
                                        
                                            GET /assets/plugins/nice-select/nice-select.css HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:42:50 GMT
etag: "fa7-5d41cb099879e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1057
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1057
Md5:    d1d7efa19b769d2b6da55df37cebb29b
Sha1:   03b22939665eb62dbd1623d4eeffcd59381c66a3
Sha256: 0a3645773ac0ba2b3c8e31b51d9d00bafccfd56e55fff325d8c6f391506d0a9c
                                        
                                            GET /assets/css/cart.css HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:41:15 GMT
etag: "286c-5d41caae756be-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2448
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2448
Md5:    e9e26634e96eca38f17c1bb62b376a99
Sha1:   a9e952c860ba0d5d76962fb9eae38a0e339b9f98
Sha256: 83f8b85962243787c52c70ef6b7179b263e8989134cb7e5da083d9c2074ab7f2
                                        
                                            GET /assets/plugins/jquery-confirm/jquery-confirm.css HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:42:50 GMT
etag: "6b88-5d41cb091908e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3637
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3637
Md5:    bc7256289c2f82d17db5bed3269d9e0c
Sha1:   e4fc8fe9608dddd20a0997db9bfa276fb70b0dd6
Sha256: ce796e98a858b65043645bc4743d06823d2e8b2043accbe436859b8a06aad3c2
                                        
                                            GET /assets/css/reset.css HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Tue, 04 Jan 2022 04:03:55 GMT
etag: "768e-5d4b9b9d1dfc6-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5184
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5184
Md5:    add3e0eacdc0dc05fc84f12b22326872
Sha1:   a7dc6fbc2a6734fe9e9fb7906f40ca9a49dc8ea6
Sha256: 33b2db037d79d6e1c4ff1c0a571a5c4caaf3b8ef7107e041fbcd1ab322942acd
                                        
                                            GET /assets/plugins/font-awesome/css/font-awesome.min.css HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:43:07 GMT
etag: "7188-5d41cb19ce60e-gzip"
accept-ranges: bytes
cache-control: max-age=604800, proxy-revalidate
expires: Tue, 27 Dec 2022 11:56:48 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6664
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28900)
Size:   6664
Md5:    dba3feaa47e3ecdb2f96f5656fe27181
Sha1:   1fcdfd2b58707906fb08ed785baeffff9cdbed99
Sha256: 6b7ecb3eae1f96a2f6cf134685d44732de45f94af7aa645346284a9a617e0e8b
                                        
                                            GET /assets/images/ic-search1.png HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Mon, 27 Dec 2021 08:41:25 GMT
etag: "56a-5d41cab8995e6"
accept-ranges: bytes
content-length: 1386
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size:   1386
Md5:    d20946fe682a8ac4844dec667ced4186
Sha1:   f88f396150d8ad41c0dba0aa49c4fc11c10c50b1
Sha256: 7fcd70312abc8b06fffc759047202fe26b50551df81a3018dedb614f02fc1920
                                        
                                            GET /thumbs/115x115x1/upload/hinhanh/1588-5746.png HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/png
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 02:54:00 GMT
etag: "b35-5ee56c00c4120"
accept-ranges: bytes
content-length: 2869
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 115 x 115, 8-bit/color RGBA, non-interlaced\012- data
Size:   2869
Md5:    df5ec8fd954c706552640bcf0f737e0a
Sha1:   5d2259f00697e9a323f65ac36c21e00978cf24da
Sha256: 258b47c1a139c29eeaaf13f7526dd45f1069b70087b94cea80570899dce196a8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/mulish/v12/1Ptvg83HX_SGhgqk0AotcqA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helios.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7876
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:34:33 GMT
expires: Wed, 22 Nov 2023 20:34:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:08:15 GMT
age: 400877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7876, version 1.0\012- data
Size:   7876
Md5:    1a2bdc86702f56a4e416c28f82a7e711
Sha1:   d016a1922e74431bfb8ae6e5c59a6688f9b829e0
Sha256: 529003f887faa01f4eb94921bae9abdbcea2849becd0f42600726f17b9fb6f4a
                                        
                                            GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helios.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:13:04 GMT
expires: Wed, 22 Nov 2023 01:13:04 GMT
cache-control: public, max-age=31536000
age: 470566
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Size:   27428
Md5:    e6d08c334958c128b793b570a7dce066
Sha1:   081111500e97a7663ff936f847e050fee6b8be2b
Sha256: 8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
                                        
                                            GET /s/mulish/v12/1Ptvg83HX_SGhgqk0QotcqA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://helios.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 15:36:23 GMT
expires: Sat, 25 Nov 2023 15:36:23 GMT
cache-control: public, max-age=31536000
age: 159567
last-modified: Mon, 11 Jul 2022 19:02:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24316, version 1.0\012- data
Size:   24316
Md5:    318a2ae8b82183cd78b947d0042c7e10
Sha1:   f690c11fe3c8ff360672da95dcfaf0073a8fdc37
Sha256: 2bde8ca32e52ee96dc3d6ddd52240b115f3a2ca527c7697899aa21ed9cba3a5b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 11:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /thumbs/500x500x1/upload/baiviet/4-1837.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:03 GMT
etag: "2bc83-5ee6023835d20"
accept-ranges: bytes
content-length: 179331
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/1-3520.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 10:46:46 GMT
etag: "2ada3-5ee7178a969c8"
accept-ranges: bytes
content-length: 175523
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/600x600x1/upload/baiviet/saptrangsuchelios-4816.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 10:06:19 GMT
etag: "2e6db-5ee48ac5394c0"
accept-ranges: bytes
content-length: 190171
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-3598.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:09 GMT
etag: "1b624-5ee6023dad7a8"
accept-ranges: bytes
content-length: 112164
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-2688.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:51 GMT
etag: "116a4-5ee3fdd924fa8"
accept-ranges: bytes
content-length: 71332
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/380x380x1/upload/baiviet/ge180979web4189-7969.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:18:07 GMT
etag: "c270-5ee556922a008"
accept-ranges: bytes
content-length: 49776
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/2-2833.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:02 GMT
etag: "1e89d-5ee6023753038"
accept-ranges: bytes
content-length: 125085
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/600x600x1/upload/baiviet/sanphamhoanthanhhelios-4488.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:12 GMT
etag: "2e46c-5ee6024087370"
accept-ranges: bytes
content-length: 189548
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/3-4392.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:04 GMT
etag: "2e11c-5ee602392e5b0"
accept-ranges: bytes
content-length: 188700
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/600x600x1/upload/baiviet/datdagiaconghelios-9527.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 07:25:45 GMT
etag: "3d249-5ee466e13bcf0"
accept-ranges: bytes
content-length: 250441
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/1-3880.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:06 GMT
etag: "1d1d1-5ee6023b083b8"
accept-ranges: bytes
content-length: 119249
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/1-5243.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:05 GMT
etag: "1ebed-5ee6023a16888"
accept-ranges: bytes
content-length: 125933
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/5-8950.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:08 GMT
etag: "1e3f8-5ee6023ccc230"
accept-ranges: bytes
content-length: 123896
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/2-165.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 08:21:13 GMT
etag: "146fd-5ee5b524ddb30"
accept-ranges: bytes
content-length: 83709
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/r124977sa3-9006.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:18:44 GMT
etag: "13de0-5ee556b6446f0"
accept-ranges: bytes
content-length: 81376
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/r136837sa3-8625.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 02:55:30 GMT
etag: "151c0-5ee56c56c4ea8"
accept-ranges: bytes
content-length: 86464
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-8207.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:07 GMT
etag: "1c799-5ee6023bf21e8"
accept-ranges: bytes
content-length: 116633
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/img64412-6151.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:40 GMT
etag: "1bdb0-5ee7032e032d8"
accept-ranges: bytes
content-length: 114096
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-6316.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:19 GMT
etag: "1c1af-5ee60247b8090"
accept-ranges: bytes
content-length: 115119
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-9712.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:22 GMT
etag: "153b7-5ee6024a6ce80"
accept-ranges: bytes
content-length: 86967
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/pearshapedgarnetweddingsetnaturalgarnetshapedbandbridalringset18kwhitegoldredgarnetengagementringsettwopieces1471053-9548.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 11:56:20 GMT
etag: "1aa39-5ee727178cd50"
accept-ranges: bytes
content-length: 109113
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/380x380x1/upload/baiviet/untitleddesign145690-9293.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:01 GMT
etag: "1e9b0-5ee6023661120"
accept-ranges: bytes
content-length: 125360
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/5-9354.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:14 GMT
etag: "1dcfb-5ee6024257538"
accept-ranges: bytes
content-length: 122107
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-8577.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:20:59 GMT
etag: "1b327-5ee557369c640"
accept-ranges: bytes
content-length: 111399
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-9703.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:36:03 GMT
etag: "1908c-5ee3fde516988"
accept-ranges: bytes
content-length: 102540
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /98jh6d5/89hg56fd.exe HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         112.213.86.143
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 11:56:47 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=604800, private, proxy-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/5-1122.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 07:26:10 GMT
etag: "28969-5ee466f96bb40"
accept-ranges: bytes
content-length: 166249
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-7965.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:15 GMT
etag: "29263-5ee60243451e8"
accept-ranges: bytes
content-length: 168547
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-9989.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 11:56:13 GMT
etag: "20b4d-5ee7271041668"
accept-ranges: bytes
content-length: 133965
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/800x0-9276.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:46 GMT
etag: "16ed3-5ee7033317788"
accept-ranges: bytes
content-length: 93907
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 11:55:49 GMT
date: Sun, 27 Nov 2022 11:55:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/2-1275.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 08:21:11 GMT
etag: "2468e-5ee5b522f23e8"
accept-ranges: bytes
content-length: 149134
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/limitedtimesale110caratpeachpinkmorganiteprincesscutmorganiteanddiamondengagementringin10krosegold-4124.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:34 GMT
etag: "2e957-5ee3fdc8d85f0"
accept-ranges: bytes
content-length: 190807
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/600x600x1/upload/baiviet/phacthaotrangsuchelios-7900.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:16 GMT
etag: "22891-5ee3fdb830f18"
accept-ranges: bytes
content-length: 141457
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-7555.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:36:39 GMT
etag: "261e8-5ee3fe06fd100"
accept-ranges: bytes
content-length: 156136
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/artemerartemeraquamarineringwithdiamondfrill-489.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 10:46:45 GMT
etag: "19919-5ee717896c840"
accept-ranges: bytes
content-length: 104729
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/2-8245.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:10 GMT
etag: "1cacd-5ee6023e9c3f8"
accept-ranges: bytes
content-length: 117453
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/1-1609.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:39 GMT
etag: "19d13-5ee7032d286d8"
accept-ranges: bytes
content-length: 105747
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/2-80.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 07:28:02 GMT
etag: "d624-5ee5a9414b670"
accept-ranges: bytes
content-length: 54820
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-866.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:13 GMT
etag: "13c0d-5ee602416c768"
accept-ranges: bytes
content-length: 80909
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/il794xn-1669.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:20 GMT
etag: "1e347-5ee60248a3630"
accept-ranges: bytes
content-length: 123719
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/4-2737.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 09:15:38 GMT
etag: "190d9-5ee7032c367c0"
accept-ranges: bytes
content-length: 102617
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/3-407.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 11:21:43 GMT
etag: "2059b-5ee49b9f58178"
accept-ranges: bytes
content-length: 132507
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/500x500x1/upload/baiviet/1-7476.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 11:56:19 GMT
etag: "2c1d5-5ee7271642828"
accept-ranges: bytes
content-length: 180693
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/380x380x1/upload/baiviet/enginakyurt4iofzrbw6beunsplash3129-5893.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 07:25:44 GMT
etag: "1c7ed-5ee466e025fa0"
accept-ranges: bytes
content-length: 116717
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /thumbs/380x380x1/upload/baiviet/ntav21060502h18756-5518.jpg HTTP/1.1 
Host: helios.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 13:34:51 GMT
etag: "183e6-5ee4b961110e0"
accept-ranges: bytes
content-length: 99302
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /thumbs/500x500x1/upload/baiviet/5-8104.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Thu, 24 Nov 2022 23:35:50 GMT
etag: "213dd-5ee3fdd8639e8"
accept-ranges: bytes
content-length: 136157
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /thumbs/500x500x1/upload/baiviet/il794xn-6452.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 14:06:11 GMT
etag: "17e8e-5ee6023f8df28"
accept-ranges: bytes
content-length: 97934
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /thumbs/380x380x1/upload/baiviet/pexelssaystraight27359818464-3365.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 01:34:41 GMT
etag: "16643-5ee55a4647498"
accept-ranges: bytes
content-length: 91715
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /thumbs/500x500x1/upload/baiviet/4-7654.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 07:27:57 GMT
etag: "10775-5ee5a93c634c8"
accept-ranges: bytes
content-length: 67445
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /thumbs/500x500x1/upload/baiviet/fb-copy-7483.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Fri, 25 Nov 2022 11:21:42 GMT
etag: "cb0a-5ee49b9e37848"
accept-ranges: bytes
content-length: 51978
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /thumbs/500x500x1/upload/baiviet/r136667sa3-4735.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sat, 26 Nov 2022 08:21:12 GMT
etag: "12ba6-5ee5b523f73b0"
accept-ranges: bytes
content-length: 76710
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /thumbs/500x500x1/upload/baiviet/fb-copy-6-1617.jpg HTTP/1.1
Host: helios.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://helios.vn/98jh6d5/89hg56fd.exe
Cookie: PHPSESSID=kut89jce5j3joq3b03err17ok0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         112.213.86.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 11:56:48 GMT
server: Apache/2
last-modified: Sun, 27 Nov 2022 10:46:44 GMT
etag: "1bd14-5ee717885ebd8"
accept-ranges: bytes
content-length: 113940
cache-control: max-age=604800, public
expires: Mon, 27 Nov 2023 11:56:48 GMT
X-Firefox-Spdy: h2


--- Additional Info ---