URL: https://tida-quetthetindungtructuyen.com/
Submission Tags: demotag1 demotag2
Submission: On September 07 via api from VN — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 45 HTTP transactions. The main IP is 103.75.187.195, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is tida-quetthetindungtructuyen.com.
TLS certificate: Issued by R3 on September 5th 2023. Valid for: 3 months.
This is the only time tida-quetthetindungtructuyen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
3         103.75.187.195     135905 (VNPT-AS-V...)
35        2606:4700:303...   13335 (CLOUDFLAR...)
1         2a00:1450:400...   15169 (GOOGLE)
1         123.30.242.10      135905 (VNPT-AS-V...)
1         2606:4700::68...   13335 (CLOUDFLAR...)
1         2a02:6ea0:c70...   60068 (CDN77 ^_^)
3         2a00:1450:400...   15169 (GOOGLE)
Total: 45 requests, 7 IPs

Requests  Apex Domain                        Subdomains                                          Transfer
35        g-pay.vn                           g-pay.vn                                            139 KB
3         gstatic.com                        fonts.gstatic.com                                   41 KB
3         tida-quetthetindungtructuyen.com   tida-quetthetindungtructuyen.com                    16 KB
1         icons8.com                         img.icons8.com (Cisco Umbrella Rank: 33285)         2 KB
1         cloudflare.com                     cdnjs.cloudflare.com (Cisco Umbrella Rank: 249)     27 KB
1         dktcdn.net                         blog.dktcdn.net                                     93 KB
1         googleapis.com                     fonts.googleapis.com (Cisco Umbrella Rank: 58)      1 KB
Total: 45 requests, 7 domains

Requests  Domain                             Requested by
35        g-pay.vn                           tida-quetthetindungtructuyen.com
3         fonts.gstatic.com                  fonts.googleapis.com
3         tida-quetthetindungtructuyen.com   tida-quetthetindungtructuyen.com
1         img.icons8.com                     tida-quetthetindungtructuyen.com
1         cdnjs.cloudflare.com               tida-quetthetindungtructuyen.com
1         blog.dktcdn.net                    tida-quetthetindungtructuyen.com
1         fonts.googleapis.com               tida-quetthetindungtructuyen.com
Total: 45 requests, 7 domains

This site contains no links.

Subject                         Issuer                     Validity                  Valid
tida-quetthetindungonline.com   R3                         2023-09-05 - 2023-12-04   3 months
g-pay.vn                        GTS CA 1P5                 2023-08-07 - 2023-11-05   3 months
upload.video.google.com         GTS CA 1C3                 2023-08-14 - 2023-11-06   3 months
*.dktcdn.net                    AlphaSSL CA - SHA256 - G2  2022-10-20 - 2023-11-21   a year
sni.cloudflaressl.com           Cloudflare Inc ECC CA-3    2023-07-03 - 2024-07-02   a year
1004834818.rsc.cdn77.org        R3                         2023-07-09 - 2023-10-07   3 months
*.gstatic.com                   GTS CA 1C3                 2023-08-14 - 2023-11-06   3 months

This page contains 1 frame:

Primary Page: https://tida-quetthetindungtructuyen.com/
Frame ID: 18ED1E0193390C83D525C7DE8672BBAB
Requests: 45 HTTP requests in this frame

Page Title

mPOS | Giải pháp rút tiền thẻ tín dụng an toàn và nhanh chóng

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 45
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 320 kB
Size: 572 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tida-quetthetindungtructuyen.com/
18 KB
3 KB
Document
General
Full URL
https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.75.187.195 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
c15ba06bf178eaa6d01093f50572a9e9552ec350d40c1d5f4ca3cf12972700fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
2922
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:07:26 GMT
server
nginx
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.24
bootstrap.min.css
g-pay.vn/user/css/bootstrap/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://g-pay.vn/user/css/bootstrap/css/bootstrap.min.css?v=1
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
454519
etag
W/"5fcb4ae5-1d970"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTPO3VQWY%2F36%2FUv8wgvYbX7RQw8LXproDiIf0mlk1LuyDwtDbqL8kjgzcacBR%2FYMQRhiSM6NuGgzZNtY0rTnJ2LoBOkaOrhJm6%2BxS7JalAm1dnqp2irOo%2Bh0ENzPF32%2FoBhGt8Mwfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
80308c4c2d324dcb-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
g-pay.vn/user/css/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://g-pay.vn/user/css/font-awesome/css/font-awesome.min.css
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
273280
etag
W/"5fcb4ae6-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4e8bhGMn04%2F5gy3IWUeXok%2ByOU1IfyNuXWbgpfGalanFGgDdED%2FGk9sKmSptCwQqHU1TJMVnpgGlQVH%2BktdPcHRExE9Fs3%2FpZtudX0pF%2F9FgmDPqqGGvj4EYX6bIkh%2FKgQnWNkAitQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
80308c4c2d344dcb-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
tida-quetthetindungtructuyen.com/
62 KB
12 KB
Stylesheet
General
Full URL
https://tida-quetthetindungtructuyen.com/style.css
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.75.187.195 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx /
Resource Hash
4825828ce9036a0038979b895b9ebec9aa5c04dca054e55b22f1d46a3be2dbde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
gzip
last-modified
Mon, 03 Jul 2023 19:42:10 GMT
server
nginx
etag
W/"64a32492-f75e"
vary
Accept-Encoding
content-type
text/css
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Alata&family=Quattrocento+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Rowdies:wght@300&family=Unica+One&display=swap
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1c296367c26a7abf41a6cc52ded570553aa56d97acb3f94c99fd6c8e8ea910e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 17:07:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 17:07:26 GMT
mpos-1.jpeg
blog.dktcdn.net/files/
92 KB
93 KB
Image
General
Full URL
https://blog.dktcdn.net/files/mpos-1.jpeg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.30.242.10 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
VCCloud CDN / 246.df0a5f0bdbf84d627bf1da73d4a118ab /
Resource Hash
1177b7996aabcc9c5b7a3792de00f262fe3904a6a061194cb00d984014af089e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Nov 2022 09:55:46 GMT
server
VCCloud CDN / 246.df0a5f0bdbf84d627bf1da73d4a118ab
vary
Accept
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
x-cache
HIT from VCCloud CDN
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
content-length
94524
x-xss-protection
1; mode=block
VCB.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/VCB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98437eae833281aaa3aae21e129452e016294235946ed4f38aebbba3dbd3fe48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128747
alt-svc
h3=":443"; ma=86400
content-length
3005
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-bbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCiXWKt6kqbVNhilhMj%2FMda5zMdIw7iAY%2Fj20P7ZA8yZfRsH315dIXqOyjT4CSVdEwCG0tykqmL4fJ7rulDmZ47aKqT6OJumgRTeJzmgv7RdDCmIpVcs6KHT%2Fb477BDlwaxqNJR40g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c2d354dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
VTB.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/VTB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d553a33a95c2ebf31a9f6ec5728a09534db8d5ba244cfcef452e81d64eea81ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24780
alt-svc
h3=":443"; ma=86400
content-length
2738
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-ab2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PhDPNfBMRRECgV4d0dW%2Fu1icfil9fqIdnRAcin7unvuVrCiUbx2xbYHmHk5CLjiAL1E6LD6N%2F8dBqoSuR%2Bt%2Fkt3qugQDOXvc6BAVKybbgdpz%2Ft4lKVpMuWOTiPbGAmLpBTVWkHMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c2d364dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
BIDV.png
g-pay.vn/image/page_payment/section_5/
4 KB
4 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/BIDV.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a976b9c2ab7323aa96cd4ad6ba91c500686610971d242528ae1c47f77a57d7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
304546
alt-svc
h3=":443"; ma=86400
content-length
3770
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-eba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNLbrV1DVc5qt6Qpc8j6ho8KbFBa7rZbA58t7ycsu4s2IP1TlqRaUyFeVjLNPV9hJR10qs%2FQaiczQ5k9OoyzSlshnGFskw1tM0vTINnWVkVnm5roiRFFSwSEBDuOnMyOKLEAgoUUJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c2d374dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
AGB.png
g-pay.vn/image/page_payment/section_5/
4 KB
4 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/AGB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
552787c4e6a5fd6590ea10b2ca2b08db3cb472f0925cb465c6b4b03e764adb56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110111
alt-svc
h3=":443"; ma=86400
content-length
4142
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-102e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDrd9TlcgN5xlXPuAlKJ%2Bf5mLSvM5OgytBS5ozR7ZcLx46MenIsENbBcoozA4%2FoEbasNoRvnivL8wq%2BBtfSItJOGppl5f3nXChtw75dYR3VA8BPY1U36jSObk2Y9Y%2BBXeN5XE7byrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c2d394dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ACB.png
g-pay.vn/image/page_payment/section_5/
2 KB
2 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/ACB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd4e64311492e5ab10f632862e6f39311b921bfca44b4ca701627ae6f7a8f73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
1792
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx%2FZRlAaE%2BWzYZF71Q0NRU7LIGe%2FKLhqhQnrVeVlflXOAIfTCMIUmlRnOZ58XX0wXlWyzGPH7rWkamEjgLh2kGns%2FHk4mNOOfCesqjeZlw5AqGwcQX%2BbtV2EPCqF3Lkg5uxOZePjsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d594dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
VP.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/VP.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f916b03e837637949f8b00d211c519064eac23a1c7c52407365499fba5f2e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
3109
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-c25"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZTiHFhCl9vgVh84ihUbvGo9X4xluNpf21Iq9S7eu0Rx0MS4kWYqSjVdwnoEh%2BZqviZz%2BFH5o0Olyhbv%2FkIgDuKe7dZJkdR6sSfeJ9rvmtDKW72sBtDAxLEX89tz81iUoG16Gajf6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d5b4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
MB.png
g-pay.vn/image/page_payment/section_5/
2 KB
2 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/MB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7f1b75d56a3d67674dceae34c45f419238fd948be16e616d67495502a76a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469646
alt-svc
h3=":443"; ma=86400
content-length
1762
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-6e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiVoEmhsHyLg2BsIUd%2FPKktm8RHGWShmX8e7SL%2By49piVUSZTQNDVjo3b6Kwf%2F9c6ghOsF%2FRXe%2BIHFXtD%2BKM2IUi689CbWYLNalSc%2FcEG1O39C%2F5WD3up3gSCEZApcs7PkOw22J2aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d5c4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
MSB.png
g-pay.vn/image/page_payment/section_5/
2 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/MSB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276657313d06958d68b2733dcc96c2167d516d7ac6602cf450f8f1b13bb0ed59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186513
alt-svc
h3=":443"; ma=86400
content-length
2512
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-9d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABfx3mKYtVJ4oIr3s1U3l9k13FuOE8SHhKEN9%2F1gSZZXS01QFK0fClFgYzofSoMT%2B4OBJrartAXOyQdu1Kj1MN4hRDk9xdlYqQGbfBv95FI1p%2BdiqC4msjHFoa3QsI4YdZW2XS3NOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d5e4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
VIB.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/VIB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045d5564c6614519d839cbc65d6078fc537ea414441630dc72f256d25dc36812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128747
alt-svc
h3=":443"; ma=86400
content-length
2710
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-a96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIfQNQnUNFb%2BqBZG2%2FM3wf4ir3g51YzJbixxhyNURKtXvpstJLeoOexThqkqurRKvfTus2hdwjHSqI99E3xB%2BOhSmLkYVw%2B3hCXuzW0ZdNyJlYaylCDRR%2BPNEvqpQo2%2FikLVmQfdgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d604dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
SHB.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/SHB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00045650c7a2d6d78b08dd6827eb2ccb211cf18a6252b8d591289e27e9649e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
2826
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-b0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nudaj7m4jxPM4Yc2vONMBzLkCYp2KdL6oxnGFDCIqeNCeDGQd1WKXxq7AyU0k9iri2fayUDf98L4etR0LvXGIbziYZJ3wYzHdvE3gEyjyNhrNNpnNlFY%2FfxQry1nGv8axpIMn6z51w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d644dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
TPB.png
g-pay.vn/image/page_payment/section_5/
2 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/TPB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5362b5bf5d87648410185246a596c08137eca9608809691139707cbddd0c902c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
2444
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-98c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2nDDTu97BcQHLXeq9vg9HQXG10ma%2FRWxPtJQIbLJmF1xBqJ08MP58rXW4SpBn43PJFPOmcljPfRImOJqpkuJEF%2FCe8cjPLlaL26G%2BGQpjCoPRwkgu6gtyP%2FUiW%2BbuLTwak%2Brzd5Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d664dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
BACA.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/BACA.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5520722dc13594811896cf20f7f80e93df567b32464db8814fe31f451554ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
547140
alt-svc
h3=":443"; ma=86400
content-length
2701
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-a8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsZ4dsXFqDxrlN16txRuJfvllZMHWHAKpqitRlKQV8i8IdVBDRHsgbOFgmRFbjio5NHHGxuh1BUBPClP4pUpaSeziIYAncK2OeYWwFJ74vk%2F8K9NFZvGHU20uUt124Q25TmsCXKV7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d674dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
HDB.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/HDB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
077a2164e0924cca330af270fee3835d33a55f39bbd47274cf2f5e2c189f27f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
3050
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-bea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ibwfrnzb0rjUaDK6NZGfiWxtZeJE0T6cDucjr7HA%2BNOHUy6P%2F3mvVRjXhjUBtBg5oIoVvpHyH%2B8fUQEx1WIFKXmVgDgDESLGjbcd4JQeodpFhJSVfox%2BrfEIWSDV%2FbWYTvYnDi0fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d6b4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ABB.png
g-pay.vn/image/page_payment/section_5/
2 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/ABB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f385bcae2fbfd01d0b50e07281ad80d3ab1582a00252ff477ea582fad32617a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
2413
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-96d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgPHyUppkE%2BgBWzRI7Z6XobFJSbJ9ujqUZ%2FdIo7plT0Mu2HX5y%2FsQcAS2D%2FwnWIGpwkdQCNjcFV6j9KPpbNDJJsxpVCPHfKHcBodBSjLqpHgAPPBLKGuSYOwbiNMOzquNmwJZ9yumg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d6c4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
OCB.png
g-pay.vn/image/page_payment/section_5/
4 KB
4 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/OCB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08e8926865028163d5d009bcde046d623c60f4acc9aef2a15a95bb1acecbbf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
128747
alt-svc
h3=":443"; ma=86400
content-length
4148
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-1034"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYRYY%2FtShOe%2BS3m6gzjFmG5%2FU9vny9zXGcKlMK0yVy%2FAaJWT9Xb7f020o%2BeuyQsiTr7aA4HK6OrstAezYQkhViI3QYJhCh7V3Lz6JkOcnzLdZBjzw1bGpzERSj4vZpFf77WX3kfLsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d6d4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
OCEAN.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/OCEAN.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42d609b9b419aa096b90ac4853f5f26d99481b0fc6d1970adf33a8e7b6387b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
2869
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-b35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD%2BLw9R2cV%2FNyvjgxKqhLRAc9KbRfJcTZEC%2F%2BUFBcCkdVtTqJs5chcJBs6z7hknf9fbvJpphxpcXVzc8fQvsolejXFlAYCfR1VSMZpqYV5wLcWaAaFxQmK9M4tADutNG1AEWK1U%2BNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d6f4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
NCB.png
g-pay.vn/image/page_payment/section_5/
2 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/NCB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74480d59e8ef7299a299f053428a2cbdce31d276a09a18ce9eee52ab5be5d7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
2494
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-9be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsT9B9T5c09E2AtFMaUisYYaIDPpMgTzIqkAzefdABmOTC1MVAUIhAY7MLi2EaIyHzIE8NWjC7VdsE2hTA6YgEK0FFbuigJ%2Fm5xvyoxyQFc1sdCzPCOBzD29JKYlF50l9%2Fp3OKUEXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d724dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
BAOVIET.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/BAOVIET.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e79b41afb4c132bc01bfadcb8e6c089dae43be366d75cc4ede49b8a0887d58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
3178
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-c6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlFSP5iieyisRM6VKom41GJph3y%2FdWfEZ4hFkhfiqKAndl3fMTfv%2FzrzJJP4P39xQMkm7s8HJ9Z5dJfR9DfIP9euoE11DlZiLamzY9Xb%2BGu9be%2FHQDcDB3cjD%2Bs3A3n6va2LiiCK%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d744dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
GPB.png
g-pay.vn/image/page_payment/section_5/
3 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/GPB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a4ca20b619327f12bf5e77ee3b59d90fa711d0a79263a1f7e6baf6fa549a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
3099
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-c1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2lEt6J%2BSTg5uIKxhIYHM89CYblTGad9WC%2FeDtSCzI%2FU3SmXv%2Fb2BSgF56Cx06eoBJw62I9EyW%2F1u5nw5FhSKqlajL2tSPfr0pv2NkZTLnxsMcd2re04eOtyJ%2FY65fwEBw2PjwpNbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d754dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
NAMA.png
g-pay.vn/image/page_payment/section_5/
2 KB
3 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/NAMA.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a415a2d706836ab5f73a1090174e4272eef295eb6be95012424ab95fe05a1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
304431
alt-svc
h3=":443"; ma=86400
content-length
2315
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-90b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ax1PVTODOZXKsDw7%2BKz%2BIfdtBKbuhsMLF3kd8VpI2P%2BGo6fYXnR%2Fauo3pipS38LghZMfA1DpX8GLgXFwEMXIna51I3heysSYbk02%2Fnmqlcv%2BpuS%2FM2YDsZsY7GANhYQKQ%2BFiM2o%2FSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d764dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
PGB.png
g-pay.vn/image/page_payment/section_5/
3 KB
4 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/PGB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56d727a965e6578c2294f3091f8d16b379a0efc7644c02a8f02dbb97ba34e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
3239
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-ca7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIuICV8HJp6XO24GSqaC2A41rwqjpR798FiwSN9azhZ0J1V1IeZUVL2XGRLbF6SsoD2mBzdDCRv46FS%2BjVIZwVIhmuYHESBZoxzaTqtmjlDUz4uwjJFW3tRKYrefSQkgp%2BOr3PrUcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d774dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
VRB.png
g-pay.vn/image/page_payment/section_5/
3 KB
4 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/VRB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b37836b4f955366af22a9023a5da8004624edb5ce15f97f4add0e367a262102

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
3532
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-dcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClGnxSQz94sG053N72wF2Er6DBFAVnpi7aUuB4D9U6P9vfjwfMuH5OWLvhdhZJO7IFlSZX0HxXdYC4M1K1JxE%2Fj8WkPN4T0IRaD0S0dS1LWdh826hC4rH3XkUYJLG9WFI5O%2FCUceqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c4d784dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
KLB.png
g-pay.vn/image/page_payment/section_5/
4 KB
5 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/KLB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1218c5cbccac014477513f1fd95f0cb6096c1f5a1ce653ff7928b4cb0bb82080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
4556
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-11cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb7aqY1pGtTLBCxKg1u6L6IQJ5MgDRzDVzaZaifTa9DgkOGsA%2BQrfU49FLsG5COxqyTRYSSItWxxMdokztQik0UqGq7xhW4K9si3ml%2FRGtTlYP7wpLd0XFDfg9g79qcCAGNXqjFHog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c5d794dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
LVB.png
g-pay.vn/image/page_payment/section_5/
4 KB
4 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_5/LVB.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3236ce1c5ae294ec29d023442a4b1f01bcf0f03d06ddad841c9e4bdf609693b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
3629
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-e2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN0gCWlKjwN9scXDPevqZn6JVQWYuou%2FPTV%2BpDXSrywHA%2Bir%2BBr%2Froop1KgeP9acg55i7Eq2A%2FtGbgDE1uJhxDRy2sL%2FlmodHWReZ%2FGI%2BSmeGNgn5TVhv0FWdLsBeCqH0snlWhH9dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c5d7a4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
the_noi_dia.svg
g-pay.vn/image/page_payment/section_2/
6 KB
2 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_2/the_noi_dia.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede3bfc051811d7fd0621126a40cee1fb0b78caad0b2760f2021eba8470bc192

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-1759"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP7xIsBmF3YDDhD4aqxa3bYNFnC1vVVdJkX1pmLcAG3yGjtj5jiuYLt8Bj4RnDqMuAVVt7GUVQo5KNcFUUOvszwSZYDhJQ0YKbocsWIY2FIdPKPaMy5sie2b0qkHJYLc2pZOyo%2F80w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4c5d7d4dcb-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
the_quoc_te.svg
g-pay.vn/image/page_payment/section_2/
5 KB
2 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_2/the_quoc_te.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe7fbfcad83150dc3732b39a03067e821f382f59821250ae3c8acfb94d32c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-14a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsT6%2FRbIUm9MzYZTBAPgRKv4irwsAeu043Q4UW2Z6Vi5PlQp430OkyEdfJ18TZBBfTTbz7kHDBHhEzygmmy06h4TtRj1OCU%2BEuo%2FjGGDumjDMG2tPzLBBtuPgMPrFBgOoUw2Wnt40A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4c5d7e4dcb-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
big_illustration.png
g-pay.vn/image/page_payment/section_2/
23 KB
23 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_2/big_illustration.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa81466261da30a29ef0ae5798b07c92d7a74bae4b6603c26f1be850ad4e9ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
110110
alt-svc
h3=":443"; ma=86400
content-length
23322
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
server
cloudflare
etag
"5fcb4ae5-5b1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7nFa0pyqwTwUZkRqTxD4yD%2B%2BD089qvKsnMfE48C1VE4LhPW365wloXdUVgeHp4l76hDqtnbqdiJx89v6jKdBy%2FjN9pvHU%2B1Puos4AdbyL83Hq7PX0ABExF5VEvZsgzjEYctl%2Fc4nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
80308c4c5d7f4dcb-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vi_dien_tu.svg
g-pay.vn/image/page_payment/section_2/
4 KB
1 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_2/vi_dien_tu.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1b683c788cfa2c1829ce1fe8b064b5a3d2bfebed65fafcdd3c2ea1921df22c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-e12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmP1Xtkmyi%2BSO0Kr5%2FDjJ5YjKcajzHx%2FX80nNu%2Bb42upZJSPdgSRbxfIXofRsLTOhaDb3vrQHdE5%2BCh4ZEXmLA4C7rN%2BbRB3FDnpNNNyJKSSK98V9v4ilLAW5aZq6qwuioagUDyZYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4c5d814dcb-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
thanh_toan_lien_ket_the.svg
g-pay.vn/image/page_payment/section_2/
3 KB
2 KB
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_2/thanh_toan_lien_ket_the.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5c651de95e85c86ce1aed851a1bbe96b81cfe14b43834bf3c87b0f3bec2811

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-cb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlvWRgkfbMqTINMWa74uiZ88%2BsopbV4PIEkaeA9FpFbpicgXcST0%2BxoJn%2F0Hp0GTFjhIZCZZvgqGBICWW4AMK4JyeyQPUSayIcIAcg4M8aSvH9i4dfkXuFmuLboQaRTQtTNkFvTk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4c5d824dcb-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://tida-quetthetindungtructuyen.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3025371
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27437
last-modified
Tue, 01 Aug 2023 17:19:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64c93eb8-6b2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIMb2aL%2FVBBdUMd%2FyUQYVmTSjtcc8rQhAcJnLZWOmFpwUy7wZagwS7EB%2FHNdFCzkqMtaKNUN%2F%2Bre5Haf18Sp6TuH9XpqK8a36mmrfeh85RusLzxfbm%2F0YRGlppvXFya3WNsBMisRD%2BUWLsb8b4Ky8gLh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80308c4c0bc19b22-FRA
expires
Tue, 27 Aug 2024 17:07:26 GMT
main.js
tida-quetthetindungtructuyen.com/
3 KB
1 KB
Script
General
Full URL
https://tida-quetthetindungtructuyen.com/main.js
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.75.187.195 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software
nginx /
Resource Hash
cd90b8f1b0d64455f4b916f3ee20b526d86a6740a04b5d357cd47f0bbf2b1b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
gzip
last-modified
Mon, 03 Jul 2023 19:59:16 GMT
server
nginx
etag
W/"64a32894-b47"
vary
Accept-Encoding
content-type
application/javascript
user.svg
g-pay.vn/image/page_payment/section_7/
1 KB
909 B
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_7/user.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebf666cdeae42b8e39187e11bbe7127a8e122f4d33b253b7d0fbd31ae25a333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-416"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEgWl%2BbWFiYx4idJbRn5ehvufcmYNQRdCjFHGmXlg0w3z6CB0dO%2B3egoRvkTmDNtrGDw560F6EmyeNTZcCzgKvr0qK4TcVbXbHO2xPathDxluddLfwyM%2FMt6bod2Oy4Y4jxVAD6BWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4d8fff4d8b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
money-bag-euro.png
img.icons8.com/ios/50/
1 KB
2 KB
Image
General
Full URL
https://img.icons8.com/ios/50/money-bag-euro.png
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
220cce4ee01bee07a0c0dbd8a239b0a7bcf2bef25143ffe23a91414f4da121e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 07 Sep 2023 17:07:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
version
0.0.29
icon-format
png
x-cache
MISS
x-77-cache
MISS
content-length
1325
x-77-nzt
AZySIYixtzah
not-found-platform
false
icon-size
50
last-modified
Thu, 07 Sep 2023 17:07:06
from-mongo-cache
true
server
CDN77-Turbo
x-77-nzt-ray
f6587a1da5dc8cff4f03fa6452e53600
vary
Origin
from-redis-cache
false
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=302400
accept-ranges
bytes
icon-id
24836
website.svg
g-pay.vn/image/page_payment/section_7/
812 B
816 B
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_7/website.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575957acfb60ffcfa9c18589c7244483b202880e77fc299c87345043fa5a0f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-32c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKRknqfn8SprXwi4G0aaeM3KqgkRPSvdQGUaFWk5avf3cufI%2B5cj7ulh%2FBc5jjkTuULy9b0s4Pe7%2BgVUqa%2BF61RVqAzgMqNXLofW9XmBmzbpFw7bOIGlB6MzmB9fEhFDY2afhMIxbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4d88024d8b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
phone.svg
g-pay.vn/image/page_payment/section_7/
354 B
740 B
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_7/phone.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8f0b87d242c8ce1ed1febf1d968221c0a4f1e7f5d4b2d7bd9e96fca367195be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-162"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVV3ypN7rhWxtYjZycjkMlGw%2FfGIYO6ajNHUGtgNxjsLLz03nOtlNE2fU57GDEU9AoW7aJ64A%2Frfo7f%2BobIrPeeXD594YQkHmRRVnDd1j2tNL4ACP2VSeKHIq1jVFv6L2ZBAZZFuaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4d88034d8b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
company.svg
g-pay.vn/image/page_payment/section_7/
1 KB
919 B
Image
General
Full URL
https://g-pay.vn/image/page_payment/section_7/company.svg
Requested by
Host: tida-quetthetindungtructuyen.com
URL: https://tida-quetthetindungtructuyen.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a586 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f2af719a505f632a0265a3e45873dd1bc847730f4f94a0a1f164a49f5e77a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tida-quetthetindungtructuyen.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:07:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Dec 2020 08:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
110110
etag
W/"5fcb4ae5-415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1PaCoK7K%2FItfYtU7qEdg6UqHSC%2BBVmNrEh%2Fm7aUAf0%2Bl4pe%2FK2VgIsFpTCJwAO4%2B06%2FNem3rgdMHmsxtAp7%2B7SLLIUYY%2FGcGkcnvnMcMXeiBF%2BsdREAIPq14IAxtuRew4qoji9KPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
80308c4d88074d8b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
PbytFmztEwbIoce9zqY.woff2
fonts.gstatic.com/s/alata/v9/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alata/v9/PbytFmztEwbIoce9zqY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alata&family=Quattrocento+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Rowdies:wght@300&family=Unica+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c3d3d0a34946ebaf19d2a39fe8a0472f24be02b82bc32c29c73376da138413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tida-quetthetindungtructuyen.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:14:46 GMT
x-content-type-options
nosniff
age
589960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17788
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:22:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 21:14:46 GMT
PbytFmztEwbIoceyzqYhQA.woff2
fonts.gstatic.com/s/alata/v9/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alata/v9/PbytFmztEwbIoceyzqYhQA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alata&family=Quattrocento+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Rowdies:wght@300&family=Unica+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7dec6165a80516f080d1317871ab2dc30d67210d499cb79b14413183785be92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tida-quetthetindungtructuyen.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 16:31:40 GMT
x-content-type-options
nosniff
age
520546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6796
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:35:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 16:31:40 GMT
PbytFmztEwbIocezzqYhQA.woff2
fonts.gstatic.com/s/alata/v9/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alata/v9/PbytFmztEwbIocezzqYhQA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alata&family=Quattrocento+Sans:ital,wght@0,400;0,700;1,400;1,700&family=Rowdies:wght@300&family=Unica+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f24d106ee5b5c65e12b009b6407e163ed1a614e701b80590627a68a0e89d44a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tida-quetthetindungtructuyen.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:34:07 GMT
x-content-type-options
nosniff
age
563599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16976
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:23:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:34:07 GMT

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| $
function| jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
