urlscan.io logo urlscan.io
SecurityTrails logo

chotso79.win Open in urlscan Pro
2606:4700:3033::6812:3862  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://chotso79.win/
Effective URL: http://chotso79.win/
Submission: On June 04 via manual from VN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3033::6812:3862, located in United States and belongs to CLOUDFLARENET, US. The main domain is chotso79.win.
This is the only time chotso79.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 8 118.69.171.151 18403 (FPT-AS-AP...)
4 210.211.97.114 38731 (VTDC-AS-V...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:3::621 54113 (FASTLY)
33 10
6    2606:4700:3033::6812:3862 (United States)

ASN13335 (CLOUDFLARENET, US)
chotso79.win
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:3034::ac43:87a4 (United States)

ASN13335 (CLOUDFLARENET, US)
i.rongbachkim.bid
8    118.69.171.151 (Viet Nam)

ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN)
www.minhngoc.net.vn
4    210.211.97.114 (Hanoi, Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)
www.xoso.com
1    2606:4700:3037::681c:40a (United States)

ASN13335 (CLOUDFLARENET, US)
top.adtong.loan
7    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
vsb20.tawk.to
static-v.tawk.to
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Domain Requested by
8 www.minhngoc.net.vn 4 redirects chotso79.win
6 chotso79.win chotso79.win
4 www.xoso.com chotso79.win
www.minhngoc.net.vn
3 vsb20.tawk.to embed.tawk.to
3 cdn.jsdelivr.net embed.tawk.to
chotso79.win
3 fonts.googleapis.com embed.tawk.to
2 va.tawk.to embed.tawk.to
2 www.google-analytics.com www.googletagmanager.com
chotso79.win
2 i.rongbachkim.bid chotso79.win
1 static-v.tawk.to chotso79.win
1 embed.tawk.to chotso79.win
1 top.adtong.loan chotso79.win
1 www.googletagmanager.com chotso79.win
33 13
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
www.minhngoc.net.vn
Go Daddy Secure Certificate Authority - G2		 2020-02-16 -
2022-02-16		 2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-25 -
2020-10-09		 7 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-16 -
2021-04-17		 a year crt.sh

This page contains 4 frames:

Primary Page: http://chotso79.win/
Frame ID: B76BA03A1AC5FA565D7B9AD3117AD5A9
Requests: 26 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 18CD903895F033461F1DF392AA0E13B7
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: C09C6E78187017B99F6270488E0748DB
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 88625D00927B94D0E1939C27711472B3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

33
Requests

61 %
HTTPS

80 %
IPv6

10
Domains

13
Subdomains

10
IPs

4
Countries

607 kB
Transfer

1475 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.minhngoc.net.vn/jquery/jquery-1.7.2.js HTTP 301
  • https://www.minhngoc.net.vn/jquery/jquery-1.7.2.js
Request Chain 6
  • http://www.minhngoc.net.vn/style/bangketqua_mini.css HTTP 301
  • https://www.minhngoc.net.vn/style/bangketqua_mini.css
Request Chain 7
  • http://www.minhngoc.net.vn/getkqxs/mien-bac.js HTTP 301
  • https://www.minhngoc.net.vn/getkqxs/mien-bac.js
Request Chain 24
  • http://www.minhngoc.net.vn/images/icon/print.gif HTTP 301
  • https://www.minhngoc.net.vn/images/icon/print.gif

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
chotso79.win/ 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3033::6812:3862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
7cd613fc0529819b9dd1eaa28fff20bd86608952ff113fe96faffa6c3d9dba61

Request headers

Host
chotso79.win
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2d69ee2c4b8880822213a67138c714551591282090; expires=Sat, 04-Jul-20 14:48:10 GMT; path=/; domain=.chotso79.win; HttpOnly; SameSite=Lax
X-Powered-By
PHP/7.1.33
Link
<http://chotso79.win/wp-json/>; rel="https://api.w.org/" <http://chotso79.win/>; rel=shortlink
Vary
Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
CF-Cache-Status
DYNAMIC
cf-request-id
032166d82e00003240679df200000001
Server
cloudflare
CF-RAY
59e27406bc0c3240-FRA
Content-Encoding
gzip
style.css
chotso79.win/wp-content/themes/adminso/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://chotso79.win/wp-content/themes/adminso/style.css?v=5
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3033::6812:3862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d298e1a7bc4eaa9857b4b330ec335ee6bfcb3ba55a1bf7ae54049717a88a216

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 23 May 2020 04:58:45 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
59e2740b79c7d6b9-FRA
Content-Length
2203
cf-request-id
032166db270000d6b9a70ee200000001
Expires
Thu, 11 Jun 2020 14:48:11 GMT
style.min.css
chotso79.win/wp-includes/css/dist/block-library/ 		52 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://chotso79.win/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3033::6812:3862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 23 May 2020 04:58:45 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
59e2740b79373248-FRA
Content-Length
9320
cf-request-id
032166db2d00003248e5079200000001
Expires
Thu, 11 Jun 2020 14:48:11 GMT
js
www.googletagmanager.com/gtag/ 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146890901-1
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afc570aaa42e59ff7b4c993f6b14d87493ef4d7c259dd3e62dc7c18917b90fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:48:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33176
x-xss-protection
0
last-modified
Thu, 04 Jun 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Jun 2020 14:48:11 GMT
logo.png
i.rongbachkim.bid/images/2020/05/23/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.rongbachkim.bid/images/2020/05/23/logo.png
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:87a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d9708ddaac59138ef798c8c735fcd8a672db0ad0a54593eadd24233c5cb948

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
CF-Cache-Status
MISS
Last-Modified
Sat, 23 May 2020 05:55:21 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
59e2740e0f76c29f-FRA
Content-Length
2874
cf-request-id
032166dcc70000c29fb11fa200000001
Expires
Thu, 11 Jun 2020 14:48:11 GMT
anh3.gif
i.rongbachkim.bid/images/2020/02/26/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.rongbachkim.bid/images/2020/02/26/anh3.gif
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:87a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1683c3964bc1e1066049093857cf7f19c9cb78acf1eea94c43bfb54aced70cfc

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
CF-Cache-Status
MISS
Last-Modified
Wed, 26 Feb 2020 00:52:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
59e2740e0e80074a-FRA
Content-Length
104685
cf-request-id
032166dcc40000074adfb73200000001
Expires
Thu, 11 Jun 2020 14:48:11 GMT
jquery-1.7.2.js
www.minhngoc.net.vn/jquery/
Redirect Chain
  • http://www.minhngoc.net.vn/jquery/jquery-1.7.2.js
  • https://www.minhngoc.net.vn/jquery/jquery-1.7.2.js
93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.minhngoc.net.vn/jquery/jquery-1.7.2.js
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.171.151 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d6c27f54b1b1e4d2eeff5afc0a4ac422ebc29d10fcc356da9ce567f926cf177d

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:43:08 GMT
content-encoding
gzip
last-modified
Wed, 16 Apr 2014 17:38:38 GMT
server
Microsoft-IIS/10.0
etag
"0230b39a59cf1:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33694

Redirect headers

Location
https://www.minhngoc.net.vn/jquery/jquery-1.7.2.js
Date
Thu, 04 Jun 2020 14:43:07 GMT
Server
Microsoft-IIS/10.0
Connection
close
Content-Length
173
Content-Type
text/html; charset=UTF-8
bangketqua_mini.css
www.minhngoc.net.vn/style/
Redirect Chain
  • http://www.minhngoc.net.vn/style/bangketqua_mini.css
  • https://www.minhngoc.net.vn/style/bangketqua_mini.css
2 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.minhngoc.net.vn/style/bangketqua_mini.css
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.171.151 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5a4b9817755fbf2e093fd81fb85b24fd917d2f1e7db518bb40626222a3a5d08a

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:43:08 GMT
content-encoding
gzip
last-modified
Wed, 23 Apr 2014 15:14:25 GMT
server
Microsoft-IIS/10.0
etag
"c7e91b665fcf1:0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
722

Redirect headers

Location
https://www.minhngoc.net.vn/style/bangketqua_mini.css
Date
Thu, 04 Jun 2020 14:43:07 GMT
Server
Microsoft-IIS/10.0
Connection
close
Content-Length
176
Content-Type
text/html; charset=UTF-8
mien-bac.js
www.minhngoc.net.vn/getkqxs/
Redirect Chain
  • http://www.minhngoc.net.vn/getkqxs/mien-bac.js
  • https://www.minhngoc.net.vn/getkqxs/mien-bac.js
6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.minhngoc.net.vn/getkqxs/mien-bac.js
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.171.151 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
Microsoft-IIS/10.0 / PHP/5.6.31
Resource Hash
f201275bc87291dfb6d2eaa993271b5b512b358dee15322d585ff191b4067b7a

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:43:08 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
PHP/5.6.31
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
cache-control
no-cache
content-length
2229

Redirect headers

Location
https://www.minhngoc.net.vn/getkqxs/mien-bac.js
Date
Thu, 04 Jun 2020 14:43:07 GMT
Server
Microsoft-IIS/10.0
Connection
close
Content-Length
170
Content-Type
text/html; charset=UTF-8
jquery-1.7.2.js
www.xoso.com/public/client/js/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.xoso.com/public/client/js/jquery-1.7.2.js
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
210.211.97.114 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx/1.8.0 /
Resource Hash
e7de57df1e3b09ac8098faf1d31bfb0dbdfb5510dca927004a02608c9185b832

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
Last-Modified
Fri, 16 May 2014 08:10:34 GMT
Server
nginx/1.8.0
ETag
"705708-17243-4f97ff2a67280"
X-Cache-Status
HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94787
Expires
Thu, 04 Jun 2020 14:58:11 GMT
demo.css
www.xoso.com/public/client/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.xoso.com/public/client/css/demo.css
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
210.211.97.114 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx/1.8.0 /
Resource Hash
eaa9daa2fb407106dcd4b4439e0c498709326318357f6d494036cb3eeb043a33

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Apr 2014 07:55:08 GMT
Server
nginx/1.8.0
ETag
W/"70568c-f1d-4f829c0276f00"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Jun 2020 14:58:11 GMT
getkqxs-xo-so-mien-bac.js
www.xoso.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.xoso.com/getkqxs-xo-so-mien-bac.js
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
210.211.97.114 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx/1.8.0 / PHP/5.4.45
Resource Hash
3fa9c9ffb153745aed635932b72ea31191ac6428fed6e09063c8ba499b06bd50

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
Content-Encoding
gzip
Server
nginx/1.8.0
X-Powered-By
PHP/5.4.45
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Jun 2020 14:58:11 GMT
image.php
top.adtong.loan/ 		989 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://top.adtong.loan/image.php?150
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3037::681c:40a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1e481bd55a653b0721404dba64fc1735f649fed0df26108e827f30ceb1b256

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 04 Jun 2020 14:48:11 GMT
Server
cloudflare
Content-Type
image/gif
Cache-Control
no-cache, must-relative
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
59e2740e5991c303-FRA
Content-Length
989
cf-request-id
032166dcf90000c3030ba25200000001
wp-embed.min.js
chotso79.win/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://chotso79.win/wp-includes/js/wp-embed.min.js?ver=5.4.1
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3033::6812:3862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 23 May 2020 04:58:44 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
59e2740dd8523248-FRA
Content-Length
780
cf-request-id
032166dca200003248e50b1200000001
Expires
Thu, 11 Jun 2020 14:48:11 GMT
wp-emoji-release.min.js
chotso79.win/wp-includes/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://chotso79.win/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3033::6812:3862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:11 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 23 May 2020 04:58:44 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
59e2740e1a83d6b9-FRA
Content-Length
5193
cf-request-id
032166dcd20000d6b9a712c200000001
Expires
Thu, 11 Jun 2020 14:48:11 GMT
default
embed.tawk.to/5d8ccedbdb28311764d60377/ 		506 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3197f43c94956e14a6f2874bf3d3920cbf815e0501d1dc2601f9ef657b7e850
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://chotso79.win/
Origin
http://chotso79.win

Response headers

date
Thu, 04 Jun 2020 14:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
status
200
etag
W/"fulls6868"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
59e2740e2a821782-FRA
cf-request-id
032166dcd8000017823a1ca200000001
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146890901-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6712
date
Thu, 04 Jun 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 04 Jun 2020 14:56:19 GMT
collect
www.google-analytics.com/r/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2047636140&t=pageview&_s=1&dl=http%3A%2F%2Fchotso79.win%2F&ul=en-us&de=UTF-8&dt=CHOTSO79.WIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1204434038&gjid=1391112414&cid=606650875.1591282091&tid=UA-146890901-1&_gid=146135263.1591282091&_r=1&gtm=2ou5r0&z=1438809775
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jun 2020 14:48:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 18CD 		8 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Jun 2020 14:08:22 GMT
server
ESF
date
Thu, 04 Jun 2020 14:48:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jun 2020 14:48:12 GMT
css
fonts.googleapis.com/ Frame C09C 		8 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Jun 2020 13:57:49 GMT
server
ESF
date
Thu, 04 Jun 2020 14:48:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jun 2020 14:48:12 GMT
css
fonts.googleapis.com/ Frame 8862 		8 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Jun 2020 13:54:23 GMT
server
ESF
date
Thu, 04 Jun 2020 14:48:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jun 2020 14:48:12 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 8862 		192 B
245 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1160924
x-cache
HIT
status
200
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19141-FRA
date
Thu, 04 Jun 2020 14:48:12 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 8862 		295 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2832645
x-cache
HIT
status
200
content-length
53890
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19141-FRA
date
Thu, 04 Jun 2020 14:48:12 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
1591282092154
va.tawk.to/register/ 		690 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register/1591282092154
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9250c3085283b4cc829a5bd9d90d2ea274c48d2c0abdbec8a31f4e4bc11a50f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jun 2020 14:48:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
cf-request-id
032166e08f0000d72921183200000001
x-served-by
visitor-application-preemptive-zs0z
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
http://chotso79.win
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
59e274141e95d729-FRA
access-control-allow-headers
origin, content-type
tools.png
chotso79.win/upload/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://chotso79.win/upload/images/tools.png
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
HTTP/1.1
Server
2606:4700:3033::6812:3862 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
c0ab1d266e4e24129b47171a69314e6b41d5b01056511b4fee38dddb8f40594a

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:13 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Server
cloudflare
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=14400, must-revalidate
Transfer-Encoding
chunked
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
59e27415cbddd6b9-FRA
Link
<http://chotso79.win/wp-json/>; rel="https://api.w.org/"
cf-request-id
032166e19e0000d6b9a7238200000001
Expires
Wed, 11 Jan 1984 05:00:00 GMT
print.gif
www.minhngoc.net.vn/images/icon/
Redirect Chain
  • http://www.minhngoc.net.vn/images/icon/print.gif
  • https://www.minhngoc.net.vn/images/icon/print.gif
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.minhngoc.net.vn/images/icon/print.gif
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.69.171.151 , Viet Nam, ASN18403 (FPT-AS-AP The Corporation for Financing & Promoting Technology, VN),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1493a850914c50af04b533a966a237a2b3fa3dfc78d98e044d00098939f6ee55

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:43:12 GMT
last-modified
Fri, 21 Jun 2013 07:33:35 GMT
server
Microsoft-IIS/10.0
etag
"a3d484a3516ece1:0"
content-type
image/gif
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1274

Redirect headers

Location
https://www.minhngoc.net.vn/images/icon/print.gif
Date
Thu, 04 Jun 2020 14:43:12 GMT
Server
Microsoft-IIS/10.0
Connection
close
Content-Length
172
Content-Type
text/html; charset=UTF-8
sprites.png
www.xoso.com/public/client/images/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.xoso.com/public/client/images/sprites.png
Requested by
Host: www.minhngoc.net.vn
URL: https://www.minhngoc.net.vn/jquery/jquery-1.7.2.js
Protocol
HTTP/1.1
Server
210.211.97.114 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx/1.8.0 /
Resource Hash
aac901ea00fe908ec9c6262f19837cea791008ebaa50abd32723700e878f2401

Request headers

Referer
http://www.xoso.com/public/client/css/demo.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 14:48:12 GMT
Last-Modified
Fri, 14 Nov 2014 08:08:49 GMT
Server
nginx/1.8.0
ETag
"7056e4-189d4-507cd239039c3"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100820
Expires
Thu, 04 Jun 2020 14:58:12 GMT
/
vsb20.tawk.to/s/ 		101 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb20.tawk.to/s/?k=5ed909ac7e637bd3e63f3ab1&u=7URP9CKenucwNjwOrCtgo7Nq%2F%2F8aopmm4v63M555CJbAAWJiKHRAiX%2BUfAMkEGfv&uv=2&a=5d8ccedbdb28311764d60377&cver=0&pop=false&w=fDHEWD&jv=686&asver=651&ust=false&p=CHOTSO79.WIN&r=&EIO=3&transport=polling&__t=N9_pShk
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189258968bde78ddf60fe593cd34bdfd1560b126652757ea8431253586f618a5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:48:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://chotso79.win
access-control-allow-credentials
true
cf-ray
59e274180904d729-FRA
content-length
101
cf-request-id
032166e3000000d729211ab200000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 8862 		413 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
2884242
x-cache
HIT
status
200
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19141-FRA
date
Thu, 04 Jun 2020 14:48:12 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
tawk-widget.woff2
static-v.tawk.to/a-v3/fonts/ Frame C09C 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-v.tawk.to/a-v3/fonts/tawk-widget.woff2?yh9epr
Requested by
Host: chotso79.win
URL: http://chotso79.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://chotso79.win/
Origin
http://chotso79.win

Response headers

date
Thu, 04 Jun 2020 14:48:12 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
2744
cf-request-id
032166e2fd000017823a22c200000001
pragma
public
last-modified
Mon, 15 Jul 2019 17:37:05 GMT
server
cloudflare
etag
"5d2cb9c1-ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
59e27417ff861782-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
vsb20.tawk.to/s/ 		443 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb20.tawk.to/s/?k=5ed909ac7e637bd3e63f3ab1&u=7URP9CKenucwNjwOrCtgo7Nq%2F%2F8aopmm4v63M555CJbAAWJiKHRAiX%2BUfAMkEGfv&uv=2&a=5d8ccedbdb28311764d60377&cver=0&pop=false&w=fDHEWD&jv=686&asver=651&ust=false&p=CHOTSO79.WIN&r=&EIO=3&transport=polling&__t=N9_pSkV&sid=TZkAqvc5rw1uVSHj5-yJ
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aab611ce07d21f70f856b32f9db1c470e640148c1ab76db17222d72dc5120f0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:48:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://chotso79.win
access-control-allow-credentials
true
cf-ray
59e274190bbcd729-FRA
content-length
443
cf-request-id
032166e3a20000d729211c0200000001
v3
va.tawk.to/log-performance/ 		5 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jun 2020 14:48:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
032166e42a0000d729211c9200000001
x-served-by
visitor-application-preemptive-s8xl
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
http://chotso79.win
access-control-allow-credentials
true
cf-ray
59e27419ddefd729-FRA
access-control-allow-headers
origin, content-type
/
vsb20.tawk.to/s/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsb20.tawk.to/s/?k=5ed909ac7e637bd3e63f3ab1&u=7URP9CKenucwNjwOrCtgo7Nq%2F%2F8aopmm4v63M555CJbAAWJiKHRAiX%2BUfAMkEGfv&uv=2&a=5d8ccedbdb28311764d60377&cver=0&pop=false&w=fDHEWD&jv=686&asver=651&ust=false&p=CHOTSO79.WIN&r=&EIO=3&transport=polling&__t=N9_pSme&sid=TZkAqvc5rw1uVSHj5-yJ
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d8ccedbdb28311764d60377/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://chotso79.win/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 14:48:13 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://chotso79.win
access-control-allow-credentials
true
cf-ray
59e27419ddf2d729-FRA
content-length
4
cf-request-id
032166e42b0000d729211ca200000001

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings function| gtag object| dataLayer object| Tawk_API object| Tawk_LoadStart object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| twemoji object| wp string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName function| $ function| jQuery string| bgcolor string| titlecolor string| dbcolor string| fsize string| kqwidth function| getnew_boxkqxs function| getnew_boxkqxs_ngay function| updatecolor string| tt function| jstrpos

3 Cookies

Domain/Path Name / Value
.chotso79.win/ Name: __cfduid
Value: d704fc43f8e7a0bf5b7da23e5092ca8161591282092
.chotso79.win/ Name: __tawkuuid
Value: e::chotso79.win::7URP9CKenucwNjwOrCtgo7Nq//8aopmm4v63M555CJbAAWJiKHRAiX+UfAMkEGfv::2
chotso79.win/ Name: TawkConnectionTime
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
chotso79.win
embed.tawk.to
fonts.googleapis.com
i.rongbachkim.bid
static-v.tawk.to
top.adtong.loan
va.tawk.to
vsb20.tawk.to
www.google-analytics.com
www.googletagmanager.com
www.minhngoc.net.vn
www.xoso.com
118.69.171.151
210.211.97.114
2606:4700:10::6816:1883
2606:4700:3033::6812:3862
2606:4700:3034::ac43:87a4
2606:4700:3037::681c:40a
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:821::200a
2a04:4e42:3::621
02d9708ddaac59138ef798c8c735fcd8a672db0ad0a54593eadd24233c5cb948
1493a850914c50af04b533a966a237a2b3fa3dfc78d98e044d00098939f6ee55
1683c3964bc1e1066049093857cf7f19c9cb78acf1eea94c43bfb54aced70cfc
189258968bde78ddf60fe593cd34bdfd1560b126652757ea8431253586f618a5
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3fa9c9ffb153745aed635932b72ea31191ac6428fed6e09063c8ba499b06bd50
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
5a4b9817755fbf2e093fd81fb85b24fd917d2f1e7db518bb40626222a3a5d08a
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7cd613fc0529819b9dd1eaa28fff20bd86608952ff113fe96faffa6c3d9dba61
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9aab611ce07d21f70f856b32f9db1c470e640148c1ab76db17222d72dc5120f0
9d298e1a7bc4eaa9857b4b330ec335ee6bfcb3ba55a1bf7ae54049717a88a216
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aac901ea00fe908ec9c6262f19837cea791008ebaa50abd32723700e878f2401
afc570aaa42e59ff7b4c993f6b14d87493ef4d7c259dd3e62dc7c18917b90fc4
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c0ab1d266e4e24129b47171a69314e6b41d5b01056511b4fee38dddb8f40594a
c3197f43c94956e14a6f2874bf3d3920cbf815e0501d1dc2601f9ef657b7e850
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d6c27f54b1b1e4d2eeff5afc0a4ac422ebc29d10fcc356da9ce567f926cf177d
d9250c3085283b4cc829a5bd9d90d2ea274c48d2c0abdbec8a31f4e4bc11a50f
e7de57df1e3b09ac8098faf1d31bfb0dbdfb5510dca927004a02608c9185b832
eaa9daa2fb407106dcd4b4439e0c498709326318357f6d494036cb3eeb043a33
ec1e481bd55a653b0721404dba64fc1735f649fed0df26108e827f30ceb1b256
f201275bc87291dfb6d2eaa993271b5b512b358dee15322d585ff191b4067b7a
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b