r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16731
Expires: Tue, 31 Jan 2023 11:24:49 GMT
Date: Tue, 31 Jan 2023 06:45:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2271
Expires: Tue, 31 Jan 2023 07:23:50 GMT
Date: Tue, 31 Jan 2023 06:45:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8036
Expires: Tue, 31 Jan 2023 08:59:55 GMT
Date: Tue, 31 Jan 2023 06:45:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 06:43:17 GMT
content-type: application/json
age: 162
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q65SHMB8/QCgyZWTWqynyWnZn7I8MDUqxjROihlHlrvFUuo3Fq7YrSe6JarRF6H6O2hsL5sQmAI=
x-amz-request-id: CZYFVNMDYDV0C7DY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 05:51:03 GMT
age: 3296
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 06:45:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dienmayxanhtrungtam.com/
112.213.86.185301 Moved Permanently 240 B IP 112.213.86.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d1e2bf277ae4caf19c4f8b6884b0f474
5ad9bf229eb9dee12e9f267702ed7065f832f340
338b0c1616136f44c272986cac03e9cffceb1afa5be8ddca3a78f224426b89d2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 06:46:01 GMT
Server: Apache/2
Location: https://dienmayxanhtrungtam.com/
Content-Length: 240
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 06:41:42 GMT
age: 257
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6272
Expires: Tue, 31 Jan 2023 08:30:31 GMT
Date: Tue, 31 Jan 2023 06:45:59 GMT
Connection: keep-alive
push.services.mozilla.com/
52.33.66.202101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.33.66.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZkZaQZPFMw9R35symH5hJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dT3AVi4Dcm1moGR0adV1GN3tGO4=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 983a6daee5a9de0c708f432d11c87ad3
c722ca6e5e5cd32143589e6d71865307fa9e9174
4639c2b8fa867486b3c4469578a780f94cbdc0abfde05fffb0a4487807c79cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4639C2B8FA867486B3C4469578A780F94CBDC0ABFDE05FFFB0A4487807C79CD9"
Last-Modified: Mon, 30 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 12:46:00 GMT
Date: Tue, 31 Jan 2023 06:46:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16889
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 06:46:01 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 22379
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b43468b05cd1fd11c398263a80e4edb2
02e964ea5a88c866267ac6c5601bfcde26ffd42b
19783f05297f7ed5d7ca8cec0fc0e1676831275ac48f1510a4f410dbe2802314
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4634
x-amzn-requestid: 2941da94-203c-47d1-99ee-d864bdbf6993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCAHF9kIAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e39a-78bb7189351d830a7ef70c67;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hWONP8eVA6h5VMyREx_CgRY2zeb9KUxipWiXdx9dHBtU2YDV07lGXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 05:35:57 GMT
age: 4204
etag: "02e964ea5a88c866267ac6c5601bfcde26ffd42b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16889
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 06:46:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 63486f2a937aa8fd013fc2c2d1b32f2d
e8868de34c2f79348c1edad764259eb70bebd7a6
fa6e5ce374031c0df3b3f2d6de823cf1fe08fdaf9957a0722770867cfdec0ed1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1925abe-5fa6-440b-8e23-d92b1e3bf273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13639
x-amzn-requestid: 8131c878-620a-4972-ba8f-1456859acae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcJSF0SIAMFe1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340a1-18c7280940d508c440c0182c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L6MnX0h8Bn9-ufqI6yOzQAPhqc4SoJKySgzlm756NaiVrfJpnftIWQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 06:29:38 GMT
age: 983
etag: "e8868de34c2f79348c1edad764259eb70bebd7a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83d9e98a4575077e7400343c7f2038d2
6ac3ca84e97fa35afff9045f35d45499c0b34a23
da6d6d90a5ea8f5a864f3739591693b5f4b9793f2c4bb971486572f6bf2e940c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5965fef2-c5a7-4a82-bcdc-41aebc355aff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: e62c149b-ca5f-4d0c-8d2d-e8bb2a7f9d8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvSzH2soAMFiYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49278-1214fc750a312e46527b2fd7;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e9kVyPl84SxMlIqs-0wE831KRF1kg1HOPTgntElaEp1RGOsgqB19ZA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 04:10:37 GMT
age: 9324
etag: "6ac3ca84e97fa35afff9045f35d45499c0b34a23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16889
Expires: Tue, 31 Jan 2023 11:27:30 GMT
Date: Tue, 31 Jan 2023 06:46:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fc180ec5b99ac357db8775775c3c11
c9856a488e82bc330881377528bf2e53274ef5f3
a31fd6fc84f79b0f5fb79cccf490ddf61eb58bdaf57ca27f57a911332e550d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5394
x-amzn-requestid: 16d876fb-0afd-4b5d-b19e-1029506fd6f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2E4CIAMFiFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-1f08dc2105b6e182677004e7;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 36E3JCGqpkeMmb_fzM0DTb24ElUMGDdikE1IdqQABDlbT28XRs7B-w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 11:52:37 GMT
age: 68004
etag: "c9856a488e82bc330881377528bf2e53274ef5f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 34956
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-XGP1CELM7S
142.250.74.40200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-XGP1CELM7S
IP 142.250.74.40:0
File type ASCII text, with very long lines (21849)
Hash 90003e5471393620e81a6356c7ccb190
7386c68512eb599ec996c4f85fc2f9dffbb182b8
3ed2046f91d6f8cfaf05f5c050e06ca6ba392000097b92b35c814fbf9b8b91b2
GET /gtag/js?id=G-XGP1CELM7S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 06:46:01 GMT
expires: Tue, 31 Jan 2023 06:46:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dienmayxanhtrungtam.com/
112.213.86.185200 OK 25 kB IP 112.213.86.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21100), with CRLF, LF line terminators
Hash 4828203860af804c0543b581ec7dcc75
73f8e770af0a666a782476edc8766e8a95a39af0
c080f42bb0e67d928323163545e468c689b6bc1e63e7260e2b7c2a72a0f16334
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:03 GMT
Server: Apache/2
Vary: Accept,Accept-Encoding,User-Agent
Set-Cookie: wccpprocookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
X-Pingback: https://dienmayxanhtrungtam.com/xmlrpc.php
Link: <https://dienmayxanhtrungtam.com/wp-json/>; rel="https://api.w.org/", <https://dienmayxanhtrungtam.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://dienmayxanhtrungtam.com/>; rel=shortlink
Content-Encoding: gzip
Content-Length: 24867
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dienmayxanhtrungtam.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
112.213.86.185200 OK 10 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP 112.213.86.185:0
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 2a3cc81919349cb551f504b077791457
1d9393824b33b80513dbb9b2c8db48b6719d5d46
13a8d762ef70a9a18c89c226c4671f986401ccb7dae1c20be18c3db1eabbb62c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:15 GMT
ETag: "13abe-5e219d264f90e-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 10523
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
dienmayxanhtrungtam.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
112.213.86.185200 OK 730 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
IP 112.213.86.185:0
Hash b1529b0b8aa7b641b7874d8d7a03bcff
cb2f76b12e7c00b74e1cda43aeeceaebb1e1d3dd
bcb87fe953090203ad964b5bed39566b9cc4c410fb7c6d831f84128d8f376af2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:14 GMT
ETag: "780-5e219d25ac3c6-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 730
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
dienmayxanhtrungtam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
112.213.86.185200 OK 4.2 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 112.213.86.185:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:15 GMT
ETag: "2bd8-5e219d262f186-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
dienmayxanhtrungtam.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
112.213.86.185200 OK 4.9 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP 112.213.86.185:0
File type ASCII text, with very long lines (15224)
Hash 3179794486ec4ca8f59329ccd67ae3e1
4b9c6e22ee7966479ef9844259f39f19d584f4a4
6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:15 GMT
ETag: "4705-5e219d261575e-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 4930
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
112.213.86.185200 OK 161 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP 112.213.86.185:0
File type ASCII text, with very long lines (327)
Hash b99e67fe7419c667a1d0236a1823a1f6
6e8bf1cbcac35ea75637be52099b2de73dba7c7d
38be94774abf0e8cfe78738ff13d9c6323f92fc4df3acbb6423a8d44f64a66b7
GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "148-5e219d22e9efe-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 161
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
dienmayxanhtrungtam.com/wp-content/themes/may-loc-khi/style.css?ver=3.0
112.213.86.185200 OK 230 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/themes/may-loc-khi/style.css?ver=3.0
IP 112.213.86.185:0
Hash 575ca0b36ea9fdd38ddd0f2a9d5e67ee
b0bed9066b328affa8dee1d5ea697b65e58a9cca
c5c74da68bb8961e2cfa8c7704f7da0c05419cf22a5973edd4d8460d5b015fa9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/may-loc-khi/style.css?ver=3.0 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:12 GMT
ETag: "130-5e219d23b609e-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 230
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
dienmayxanhtrungtam.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
112.213.86.185200 OK 4.0 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
IP 112.213.86.185:0
Hash 9c3f35d25fc1f08e91d811f18b705309
4ff1be4c211d2e4ad3fa4b83abe9a71405d4e4df
af1ce72f37d8d8f7d80d7f3d81a05a1f0d441967b371237050e7ee38b30438a0
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:14 GMT
ETag: "37c8-5e219d25a8d16-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 3951
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
dienmayxanhtrungtam.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1
112.213.86.185200 OK 699 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1
IP 112.213.86.185:0
File type ASCII text, with very long lines (1445)
Hash d4fb3c010c6ee553cce3f088f8a08efa
fb88c62c4b2ca26b83fdbbb3b736d1f4f388ac21
938e8545469033c8696d12060d17b9c1225662c3158061b7f345b4e416c417f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.1 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:15 GMT
ETag: "5c8-5e219d2602e7e-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 699
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1
112.213.86.185200 OK 31 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1
IP 112.213.86.185:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8c9649b6fcda19aa25072ac4f02fb351
39958c209853396f76486ed5c441954d8e077f04
7c99d0b83c76494686a0cdbefbfc9f0b869e51a325c7e3ea2f9b805ddca37599
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.1 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "2a3e5-5e219d22e9efe-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 31417
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
dienmayxanhtrungtam.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
112.213.86.185200 OK 31 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 112.213.86.185:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:15 GMT
ETag: "15db1-5e219d262592e-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
dienmayxanhtrungtam.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
112.213.86.185200 OK 765 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 112.213.86.185:0
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:15 GMT
ETag: "592-5e219d2615376-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 765
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 14:50:08 GMT
expires: Wed, 24 Jan 2024 14:50:08 GMT
cache-control: public, max-age=31536000
age: 575754
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 117842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
216.58.207.227200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:07 GMT
expires: Sat, 27 Jan 2024 02:06:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
age: 362395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 514443
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 00:55:59 GMT
expires: Mon, 29 Jan 2024 00:55:59 GMT
cache-control: public, max-age=31536000
age: 193803
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
216.58.207.227200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 5604, version 1.0\012- data
Hash 7cda2cfee99d697daf8c14819d9004eb
76f4002863493c93454a9f17424942f321287cba
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:14:11 GMT
expires: Sat, 27 Jan 2024 10:14:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
age: 333111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 06:46:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/LG.jpg
112.213.86.185200 OK 8.5 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/LG.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=716, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1592], progressive, precision 8, 300x100, components 3\012- data
Hash aa19fc2b3736d746a7196f54eeceb10d
cfe831aff0172714943a64a6ea1fd94b2dd5419c
a1ad1d8b1843edc559dfc6529447d57be3f37afcde6cd5140032382dbe04f63a
GET /wp-content/uploads/2021/01/LG.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "2117-5e219d22abece"
Accept-Ranges: bytes
Content-Length: 8471
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
dienmayxanhtrungtam.com/wp-content/uploads/2019/04/icon.png
112.213.86.185200 OK 1.5 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2019/04/icon.png
IP 112.213.86.185:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash e602992e7ae69c2e9ab5f456d0ba1e99
31940ebdd8447b9cba913b87aee0efe8ec4d97ce
88a3cba119487b9978b141eca04e1787c2515cad868edf665f4f02899a715062
GET /wp-content/uploads/2019/04/icon.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "5b1-5e219d22a2676"
Accept-Ranges: bytes
Content-Length: 1457
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/sanyo.jpg
112.213.86.185200 OK 13 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/sanyo.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=532, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], progressive, precision 8, 300x100, components 3\012- data
Hash 96517d0e1a03fa526c210e88833bef63
83548a6f1be0853094eaba1012bfa1d16f899c2a
08bf56b1deaa84e11dbeb224d22636ea958737ed268f814bb5cf49711fb5a721
GET /wp-content/uploads/2021/01/sanyo.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "3333-5e219d22bbcb6"
Accept-Ranges: bytes
Content-Length: 13107
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
dienmayxanhtrungtam.com/wp-content/uploads/2019/04/phone-icon.png
112.213.86.185200 OK 1.3 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2019/04/phone-icon.png
IP 112.213.86.185:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 98c6f0cf8a72acbbcc8a7c4e95a334f9
e0e177cc802a4350a3a5fd26ba7add0d38ab9e55
e718346ce0dae7d4ca06addf711184cb75fcb3d0238d060564507fbc2d73cf04
GET /wp-content/uploads/2019/04/phone-icon.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "530-5e219d22a2a5e"
Accept-Ranges: bytes
Content-Length: 1328
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/bg-li2.png
112.213.86.185200 OK 486 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/bg-li2.png
IP 112.213.86.185:0
File type PNG image data, 20 x 21, 8-bit colormap, non-interlaced\012- data
Hash 02bc3870221cf5621bc29f8f466e8d00
bc01af643c2321e9324289beaf2a72e4bcbab8ca
42e7d0404add9f3bba63f6af9edc1daf49d23669c50bb2fd54c5a8fb8cc1da29
GET /wp-content/uploads/2021/01/bg-li2.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "1e6-5e219d22c1e5e"
Accept-Ranges: bytes
Content-Length: 486
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
112.213.86.185200 OK 6.5 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
IP 112.213.86.185:0
File type Web Open Font Format (Version 2), TrueType, length 6536, version 1.0\012- data
Hash 21c4c69602dadee988f10c502b44d1c1
7d28ed1775492300f859296ef85ce371c26a6ff3
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "1988-5e219d22eb286"
Accept-Ranges: bytes
Content-Length: 6536
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
dienmayxanhtrungtam.com/wp-content/uploads/2019/04/icon-hotline-2.jpg
112.213.86.185200 OK 3.0 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2019/04/icon-hotline-2.jpg
IP 112.213.86.185:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 54x60, components 3\012- data
Hash 1efe457b4d8aad12897e9baeea1f80df
9e062c024de6e0f1045f6f5287975e6e2455a3ad
277d98d1eddc51d1dfc651a5dbe8a1c1af075d93d89d92fb2420cd9238264fac
GET /wp-content/uploads/2019/04/icon-hotline-2.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "ba0-5e219d22a4d86"
Accept-Ranges: bytes
Content-Length: 2976
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1
112.213.86.185200 OK 45 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1
IP 112.213.86.185:0
File type ASCII text, with very long lines (21487)
Hash 395bb0dbbc1d7edc8833ff1b386b6d5a
1234aedc5ab1fd23bbf1a32fb45a702a5834e285
951f4154cf420de2f02c44356dcf6d3bdb6e40b6b6f30d1e34cd79b0008ed4cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.1 HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Server: Apache/2
Vary: Referer,Accept-Encoding,User-Agent
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "26f11-5e219d22ddf96-gzip"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 45240
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/ve-sinh-may-giat-long-ngang-7-300x169.jpg
112.213.86.185200 OK 33 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/ve-sinh-may-giat-long-ngang-7-300x169.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=17, height=3456, bps=218, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 60D, orientation=upper-left, width=4608], baseline, precision 8, 300x169, components 3\012- data
Hash 0679a5af186656db7a1899ae7459fb24
a82b74d15eb2d21d6065bfbd23f72099d4c0aef6
6be6281b6484925170084aa43f7caa638f10405ed1ae75cac60ea6aa564f8716
GET /wp-content/uploads/2022/04/ve-sinh-may-giat-long-ngang-7-300x169.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "8138-5e219d229b916"
Accept-Ranges: bytes
Content-Length: 33080
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/logo-dienmayxanh-2022.png
112.213.86.185301 Moved Permanently 292 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/logo-dienmayxanh-2022.png
IP 112.213.86.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e74542adbe11aefe7dd4c3436adaceaf
60983da9ba44d485faf2235eef157ca73fc9cc9a
0a255bf3e06c215f1a8def0720a8072069e29274f7c10d23dbbbde65add6426f
GET /wp-content/uploads/2022/04/logo-dienmayxanh-2022.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Location: https://dienmayxanhtrungtam.com/wp-content/uploads/2022/04/logo-dienmayxanh-2022.png
Content-Length: 292
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/Samsung.jpg
112.213.86.185200 OK 12 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/Samsung.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=738, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2221], progressive, precision 8, 300x100, components 3\012- data
Hash 6d1b4613564b08c47b3770c23abebe8e
48156a53cd265a58c34c664dd9f75f5ea5b07dd8
3b8781d09879ea7471b5f6ae48ea4020c94a93cc538c7bd01a36bffe06ffdc2e
GET /wp-content/uploads/2021/01/Samsung.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "2d1f-5e219d22bdbf6"
Accept-Ranges: bytes
Content-Length: 11551
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/sua-tu-lanh-dmx-300x200.png
112.213.86.185200 OK 91 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/sua-tu-lanh-dmx-300x200.png
IP 112.213.86.185:0
File type PNG image data, 300 x 200, 8-bit/color RGB, non-interlaced\012- data
Hash 3c1a577aea2d704bc5bded1e0893cb8d
d2c3e96f0966229c6b911a27dd7370094041a9fd
da5fd3d6fde0a0050a1f4e97969604ef687cc5783b1d56a90f7ded596c9016eb
GET /wp-content/uploads/2022/04/sua-tu-lanh-dmx-300x200.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "163eb-5e219d229a58e"
Accept-Ranges: bytes
Content-Length: 91115
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/Panasonic.jpg
112.213.86.185200 OK 14 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/Panasonic.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=447, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1081], progressive, precision 8, 300x100, components 3\012- data
Hash fc7c5feb06450ff1e26f6a5a5ba51b92
cbdcf6794b3ccc54d7c328cdc12a2a7a96c9f1d4
2145af52f8f9ae09c06d78fe7035322cfeb84338f5b2ad6c5e0631b4f195836a
GET /wp-content/uploads/2021/01/Panasonic.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "365c-5e219d22b3fb6"
Accept-Ranges: bytes
Content-Length: 13916
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
region1.google-analytics.com/g/collect?v=2&tid=G-XGP1CELM7S>m=2oe1p0&_p=826009940&cid=1041566442.1675147578&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675147578&sct=1&seg=0&dl=https%3A%2F%2Fdienmayxanhtrungtam.com%2F&dt=Trung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-XGP1CELM7S>m=2oe1p0&_p=826009940&cid=1041566442.1675147578&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675147578&sct=1&seg=0&dl=https%3A%2F%2Fdienmayxanhtrungtam.com%2F&dt=Trung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-XGP1CELM7S>m=2oe1p0&_p=826009940&cid=1041566442.1675147578&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675147578&sct=1&seg=0&dl=https%3A%2F%2Fdienmayxanhtrungtam.com%2F&dt=Trung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://dienmayxanhtrungtam.com
date: Tue, 31 Jan 2023 06:46:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dienmayxanhtrungtam.com/wp-content/uploads/2021/06/tcat-b.png
112.213.86.185301 Moved Permanently 277 B URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/06/tcat-b.png
IP 112.213.86.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 14fc36b5b7e5e21ee64db5f94ac2176e
9bf2af3540ec52d4a7e27881cad9f3c155ce3e48
1c6f267370660ea0a57cda03c87cd107b6c64efc02959a437f74e3e56cf1f554
GET /wp-content/uploads/2021/06/tcat-b.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Location: https://dienmayxanhtrungtam.com/wp-content/uploads/2021/06/tcat-b.png
Content-Length: 277
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/missubishi.jpg
112.213.86.185200 OK 6.4 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/missubishi.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x95, components 3\012- data
Hash 47111c372fbc7a8107b7510f78e29048
b79c7eb445d67539c9a02a895c8da777ac7b7329
d12ceec70277ef9033be7347c190d136fb85351a719106c0e607d96f5567d9cf
GET /wp-content/uploads/2021/01/missubishi.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "191e-5e219d22abae6"
Accept-Ranges: bytes
Content-Length: 6430
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/sua-ti-vi-dien-may-xanh-300x220.png
112.213.86.185200 OK 90 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/sua-ti-vi-dien-may-xanh-300x220.png
IP 112.213.86.185:0
File type PNG image data, 300 x 220, 8-bit/color RGB, non-interlaced\012- data
Hash 46477ac0422407352742e3c4d646954a
ff704abc014074aeec5e2ad388f4c5780d9fbed8
84b9eecda3d451ebc919df9553687a5f5083d294b0ccec1bae290933e15b51a6
GET /wp-content/uploads/2022/04/sua-ti-vi-dien-may-xanh-300x220.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "160b0-5e219d2297a96"
Accept-Ranges: bytes
Content-Length: 90288
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/logo-dienmayxanh-2022.png
112.213.86.185200 OK 25 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/logo-dienmayxanh-2022.png
IP 112.213.86.185:0
File type PNG image data, 300 x 86, 8-bit/color RGB, interlaced\012- data
Hash 599e12c52318a9e1e14cbf0d801cd883
9eaad8bafdc8051ef435a74ed862b70d97c5e931
1dff3b236f3a531e3832cbc7590bc2e5504ff14eaf0eacd6a22777036a316d07
GET /wp-content/uploads/2022/04/logo-dienmayxanh-2022.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_XGP1CELM7S=GS1.1.1675147578.1.0.1675147578.0.0.0; _ga=GA1.1.1041566442.1675147578
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "6058-5e219d229a58e"
Accept-Ranges: bytes
Content-Length: 24664
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/baner-mr-hoang-alodigital-4.png
112.213.86.185200 OK 185 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/baner-mr-hoang-alodigital-4.png
IP 112.213.86.185:0
File type PNG image data, 1200 x 628, 8-bit colormap, non-interlaced\012- data
Size 185 kB (185096 bytes)
Hash 970124e2c52dc53cd83c21c7f17dda5c
3617a008e72110c9a0ff60f23582f57765285070
48e4b18c969106fca7f3fae08210661195b6cc17a053c3fdb9c0ff9d40728a9c
GET /wp-content/uploads/2022/04/baner-mr-hoang-alodigital-4.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "2d308-5e219d2296ede"
Accept-Ranges: bytes
Content-Length: 185096
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/06/tcat-b.png
112.213.86.185200 OK 1.4 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/06/tcat-b.png
IP 112.213.86.185:0
File type PNG image data, 300 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 89fcd39d7fdf7e9c0087d57f4c76622b
2e7308fd2d0e70c7632c90f23362f7d9191a2110
bf9563ee2e0a5c638def19830b8aab74329a316b4f8878ae10878cac11bfd264
GET /wp-content/uploads/2021/06/tcat-b.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_XGP1CELM7S=GS1.1.1675147578.1.0.1675147578.0.0.0; _ga=GA1.1.1041566442.1675147578
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Vary: Accept
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "58b-5e219d22a93d6"
Accept-Ranges: bytes
Content-Length: 1419
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/electrolux.jpg
112.213.86.185200 OK 5.9 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/electrolux.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x69, components 3\012- data
Hash 96e27ac48f677260440e9ac23dff05a0
6b573a8d80b400608164b8c9ac89a92d4a695318
4acbc0127dfa4ff7570b6922c6ac77515fbdd602da6936ba2a594c1534bd569c
GET /wp-content/uploads/2021/01/electrolux.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "1724-5e219d22b2846"
Accept-Ranges: bytes
Content-Length: 5924
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/baner-mr-hoang-alodigital-1.png
112.213.86.185200 OK 232 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/baner-mr-hoang-alodigital-1.png
IP 112.213.86.185:0
File type PNG image data, 1300 x 406, 8-bit colormap, non-interlaced\012- data
Size 232 kB (232169 bytes)
Hash 95ad1244d9295b53d8cf39149ecadc96
2025c3141c0f943eb001be6dca8cd97792d6ab4a
5598349e9f1527cdd1dc8e9f4cc89f34e78c7fb1c878f6c6c357362625cb5f77
GET /wp-content/uploads/2022/04/baner-mr-hoang-alodigital-1.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:05 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "38ae9-5e219d2297a96"
Accept-Ranges: bytes
Content-Length: 232169
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/Daikin_Logo.jpg
112.213.86.185200 OK 10 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/Daikin_Logo.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=505, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2337], progressive, precision 8, 300x100, components 3\012- data
Hash 35057e61e7d8e0cd55be280425b82ca2
985ec022f5e22114b6e1271f88ac4f04f9e5c626
b77b4dfa9c6e5e6608a005af1cf5d661bbbadeae4f5b6e9e315a71d33eb60660
GET /wp-content/uploads/2021/01/Daikin_Logo.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "27a7-5e219d22bfb36"
Accept-Ranges: bytes
Content-Length: 10151
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
142.250.74.106200 OK 6.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP 142.250.74.106:0
Hash e7e3f5c97df411913383e6c6907911b6
63ee6d48f35d9449f319ea1bf2c0c1667a82da08
ba7bfaf4622f11065a6edf3c719c41094d9953cbf1f984dd1298c3a049dc5903
GET /css?family=Roboto%3Aregular%2C500%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 06:46:01 GMT
date: Tue, 31 Jan 2023 06:46:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/sony.png
112.213.86.185200 OK 13 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/sony.png
IP 112.213.86.185:0
File type PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e5cd23af8194af58d4b65987f109e0d6
d033b718ff502cd019421c62a4eef94044a1b7fc
301feaacbe41912298d4bef0e4656efdc2f55dc89e9684e8d6e56c6e60e34955
GET /wp-content/uploads/2021/01/sony.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "3435-5e219d22b8606"
Accept-Ranges: bytes
Content-Length: 13365
Keep-Alive: timeout=2, max=92
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/01/sharp.jpg
112.213.86.185200 OK 9.9 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/01/sharp.jpg
IP 112.213.86.185:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=816, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=4740], progressive, precision 8, 300x100, components 3\012- data
Hash c26e492652a5422eab3048c1f6cb00ef
a477f9be1c675edadb474258bfddb12aad515741
cc4f738c2575c27637568fe04865a46285e635ee219a4b72c0aaa8c59cb0ac61
GET /wp-content/uploads/2021/01/sharp.jpg HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "2697-5e219d22b7a4e"
Accept-Ranges: bytes
Content-Length: 9879
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 31 Jan 2023 05:45:20 GMT
expires: Tue, 31 Jan 2023 07:45:20 GMT
cache-control: public, max-age=7200
age: 3644
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d9e7028883da0be37fa509c335d6a12b
d54b7637e3e5181d65c831283d2caf40c76c6fff
7ddc3cd14856bcfb93af95eacd467348f00790bdd19e13a5da8d246141ece38f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DDC3CD14856BCFB93AF95EACD467348F00790BDD19E13A5DA8D246141ECE38F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12046
Expires: Tue, 31 Jan 2023 10:06:50 GMT
Date: Tue, 31 Jan 2023 06:46:04 GMT
Connection: keep-alive
www.google-analytics.com/j/collect?v=1&_v=j99&a=826009940&t=pageview&_s=1&dl=https%3A%2F%2Fdienmayxanhtrungtam.com%2F&ul=en-us&de=UTF-8&dt=Trung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1036439673&gjid=1422725733&cid=1041566442.1675147578&tid=UA-225623738-1&_gid=1320135148.1675147580&_r=1&_slc=1>m=2ou1p0&z=746307925
142.250.74.46200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=826009940&t=pageview&_s=1&dl=https%3A%2F%2Fdienmayxanhtrungtam.com%2F&ul=en-us&de=UTF-8&dt=Trung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1036439673&gjid=1422725733&cid=1041566442.1675147578&tid=UA-225623738-1&_gid=1320135148.1675147580&_r=1&_slc=1>m=2ou1p0&z=746307925
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=826009940&t=pageview&_s=1&dl=https%3A%2F%2Fdienmayxanhtrungtam.com%2F&ul=en-us&de=UTF-8&dt=Trung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1036439673&gjid=1422725733&cid=1041566442.1675147578&tid=UA-225623738-1&_gid=1320135148.1675147580&_r=1&_slc=1>m=2ou1p0&z=746307925 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dienmayxanhtrungtam.com
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://dienmayxanhtrungtam.com
date: Tue, 31 Jan 2023 06:46:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:38:36 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 823132937
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
dienmayxanhtrungtam.com/wp-content/uploads/2022/04/baner-mr-hoang-alodigital-2.png
112.213.86.185200 OK 225 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2022/04/baner-mr-hoang-alodigital-2.png
IP 112.213.86.185:0
File type PNG image data, 1300 x 406, 8-bit colormap, non-interlaced\012- data
Size 225 kB (225226 bytes)
Hash c18ad181beb6884cc1b952441ebffb47
2518abdc9a13af807fe712bd5645983ad882b256
df496f86dcb5de98a0c4fbdb2092f1cfcfc01bff41519321062b7ecdfa3e7bd1
GET /wp-content/uploads/2022/04/baner-mr-hoang-alodigital-2.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Cookie: _ga_XGP1CELM7S=GS1.1.1675147578.1.0.1675147578.0.0.0; _ga=GA1.1.1041566442.1675147578
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:06 GMT
Server: Apache/2
Vary: Referer
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "36fca-5e219d22995ee"
Accept-Ranges: bytes
Content-Length: 225226
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/06/cropped-logo-bao-tri-dien-may-32x32.png
112.213.86.185200 OK 1.9 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/06/cropped-logo-bao-tri-dien-may-32x32.png
IP 112.213.86.185:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fb87805c84b9081417be6ab97ce12aed
025720696aed64d82554a235a4c1ee98199ece5e
965eedddd1edda4feabea4e21a3c3a76c36777ff5ec1d6082ba771536abba0be
GET /wp-content/uploads/2021/06/cropped-logo-bao-tri-dien-may-32x32.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Cookie: _ga_XGP1CELM7S=GS1.1.1675147578.1.0.1675147578.0.0.0; _ga=GA1.1.1041566442.1675147578
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:07 GMT
Server: Apache/2
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "76e-5e219d22aa75e"
Accept-Ranges: bytes
Content-Length: 1902
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/png
dienmayxanhtrungtam.com/wp-content/uploads/2021/06/cropped-logo-bao-tri-dien-may-192x192.png
112.213.86.185200 OK 33 kB URL HTTP/1.1 dienmayxanhtrungtam.com/wp-content/uploads/2021/06/cropped-logo-bao-tri-dien-may-192x192.png
IP 112.213.86.185:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 6bba7fded1db84a063fd63cc5e5c7dcc
232e71488dcce31ae458ce936799df9ab2d52faf
43b62c6fc6782848c839650ea0c116f542e459f717434a20f74a82896601ccce
GET /wp-content/uploads/2021/06/cropped-logo-bao-tri-dien-may-192x192.png HTTP/1.1
Host: dienmayxanhtrungtam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Cookie: _ga_XGP1CELM7S=GS1.1.1675147578.1.0.1675147578.0.0.0; _ga=GA1.1.1041566442.1675147578
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:07 GMT
Server: Apache/2
Last-Modified: Thu, 23 Jun 2022 09:10:11 GMT
ETag: "8131-5e219d22aaf2e"
Accept-Ranges: bytes
Content-Length: 33073
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
s4.histats.com/stats/4678438.php?4678438&@f16&@g1&@h1&@i1&@j1675147579975&@k0&@l1&@mTrung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&@n0&@o1000&@q0&@r0&@s3&@ten-US&@u1280&@b1:152024919&@b3:1675147580&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdienmayxanhtrungtam.com%2F&@w
54.39.156.32200 OK 48 B URL HTTP/1.1 s4.histats.com/stats/4678438.php?4678438&@f16&@g1&@h1&@i1&@j1675147579975&@k0&@l1&@mTrung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&@n0&@o1000&@q0&@r0&@s3&@ten-US&@u1280&@b1:152024919&@b3:1675147580&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdienmayxanhtrungtam.com%2F&@w
IP 54.39.156.32:0
File type ASCII text, with no line terminators
Hash 2c9607dc3ba6ce7f822ec1000adc9a9d
97643aa7b1f5d1692463334bdf1bbce57ba5d010
0ec1bcb240a53aa0a9652b960b56db9e79d1b380f7e8ecb67be7522462798a85
GET /stats/4678438.php?4678438&@f16&@g1&@h1&@i1&@j1675147579975&@k0&@l1&@mTrung%20T%C3%A2m%20B%E1%BA%A3o%20H%C3%A0nh%20%C4%90i%E1%BB%87n%20M%C3%A1y%20Xanh&@n0&@o1000&@q0&@r0&@s3&@ten-US&@u1280&@b1:152024919&@b3:1675147580&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdienmayxanhtrungtam.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 06:46:04 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 48
Connection: close
s10.histats.com/counters/cc_3.js
46.105.201.240200 OK 8.1 kB URL HTTP/2 s10.histats.com/counters/cc_3.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (19008), with no line terminators
Hash 69fcb7b346ffc4761ff0c82a6afb0839
b99109400d44c1a677eeaa09e70fce9b8e7b3a8e
2b4198c730e3389c590e901655ea62ce5afb00a8d872c620a4c74678b134917b
GET /counters/cc_3.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dienmayxanhtrungtam.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 06:37:23 GMT
etag: "1221776688"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 838960258
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 8055
X-Firefox-Spdy: h2