Submitted URL: http://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Effective URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Submission: On July 05 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 103.171.113.239, located in Viet Nam and belongs to ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN. The main domain is tinhbotnghenhungvan.com.
TLS certificate: Issued by R11 on June 26th 2024. Valid for: 3 months.
This is the only time tinhbotnghenhungvan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
20 | 103.171.113.239 | 140822 (ANPHATIDC...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a03:2880:f08... | 32934 (FACEBOOK)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a03:2880:f17... | 32934 (FACEBOOK)
1 | 157.240.0.6 | 32934 (FACEBOOK)
1 | 2a00:1450:400... | 15169 (GOOGLE)
29 | 8 |
Requests | Apex Domain | Subdomains | Transfer
20 | tinhbotnghenhungvan.com | tinhbotnghenhungvan.com | 444 KB
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 83; ajax.googleapis.com — Cisco Umbrella Rank: 469 | 7 KB
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 204 | 91 KB
1 | gstatic.com | fonts.gstatic.com | 34 KB
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 114 |
29 | 5 | |
Requests | Domain | Requested by
20 | tinhbotnghenhungvan.com | tinhbotnghenhungvan.com
2 | connect.facebook.net | tinhbotnghenhungvan.com, connect.facebook.net
2 | fonts.googleapis.com | tinhbotnghenhungvan.com, ajax.googleapis.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | www.facebook.com | tinhbotnghenhungvan.com
1 | ajax.googleapis.com | tinhbotnghenhungvan.com
29 | 6 |

This site contains links to these domains.

Domain
www.facebook.com
Subject | Issuer | Validity | Valid
tinhbotnghenhungvan.com | R11 | 2024-06-26 - 2024-09-24 | 3 months
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-14 - 2024-07-13 | 3 months
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months

This page contains 2 frames:

Primary Page: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Frame ID: F9D321FFF1187526AA368F35C79A425E
Requests: 28 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/group.php?href=https://www.facebook.com/groups/267651372508111&width=280&show_metadata=false&appId=1900732326672850&height=235
Frame ID: 7A839BFCF29780B528F08D9C23EF9565
Requests: 1 HTTP requests in this frame

Page Title

Không tìm thấy trang này – Tinh bột nghệ Nhưng Vần

Page URL History

  1. http://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification HTTP 307
    https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 93 %
IPv6: 71 %
Domains: 5
Subdomains: 6
IPs: 8
Countries: 2
Transfer: 576 kB
Size: 1248 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification HTTP 307
    https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request phone.php
tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/
Redirect Chain
  • http://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
  • https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
58 KB
13 KB
Document
General
Full URL
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
9e15fee664612d207cd9fe1fba708a354ab2d3b819573264e9251615f68306d4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 23:48:16 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://tinhbotnghenhungvan.com/wp-json/>; rel="https://api.w.org/"
server
nginx
x-powered-by
PHP/7.4.33

Redirect headers

Location
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
1 KB
585 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Baloo
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ad72683e8549052466a9fd35998921918e65a2a68dbb44b30dd46856002add5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 23:48:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 23:48:16 GMT
css
fonts.googleapis.com/
2 KB
943 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lobster
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88ec234706f87f4570b6558a35315885ce37705e1f1e69675f168346d9b86bb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 23:46:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 23:48:16 GMT
style.min.css
tinhbotnghenhungvan.com/wp-includes/css/dist/block-library/
102 KB
12 KB
Stylesheet
General
Full URL
https://tinhbotnghenhungvan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.5
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 11:13:54 GMT
server
nginx
etag
W/"64b7c572-19824"
x-powered-by
PleskLin
content-type
text/css
styles.css
tinhbotnghenhungvan.com/wp-content/plugins/contact-form-7/includes/css/
2 KB
695 B
Stylesheet
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 03:13:46 GMT
server
nginx
etag
W/"616f896a-695"
x-powered-by
PleskLin
content-type
text/css
flatsome.css
tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/
133 KB
25 KB
Stylesheet
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.7.2
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
138f42486b6c528a75b07377fa61878dee8bb61a41e65dd6a3bb649b2648a4c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
server
nginx
etag
W/"616f896b-2136c"
x-powered-by
PleskLin
content-type
text/css
style.css
tinhbotnghenhungvan.com/wp-content/themes/tinh-bot-he/
304 B
344 B
Stylesheet
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/themes/tinh-bot-he/style.css?ver=3.0
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
57f29bd53660df7172becf590fdb8cc95daeba342f76d0c83469d3c096683e7d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
x-accel-version
0.01
server
nginx
etag
W/"130-5cec02a94f0c0"
x-powered-by
PleskLin
content-type
text/css
jquery.min.js
tinhbotnghenhungvan.com/wp-includes/js/jquery/
85 KB
29 KB
Script
General
Full URL
https://tinhbotnghenhungvan.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
br
last-modified
Fri, 26 May 2023 11:33:34 GMT
server
nginx
etag
W/"6470990e-155ba"
x-powered-by
PleskLin
content-type
application/javascript
jquery-migrate.min.js
tinhbotnghenhungvan.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://tinhbotnghenhungvan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
etag
W/"6482bd64-3509"
x-powered-by
PleskLin
content-type
application/javascript
sdk.js
connect.facebook.net/vi_VN/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
11dd42006271bbb551816c4f5a6192dc87e1da622ae18aab3532ae18a5ada340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 23:48:17 GMT
content-md5
ArZshCQRHjzuOI20TB2TtQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
FTnFfI6hZLNN1KPyLnuUhZ8JddOuutV6LNwYiisC6ZhZ9u8orgQct8X7kH7vB9e482ZMqkm6ajLoDYC/dSMmxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6655203ac25d8878107d93f9ab9bac1d
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8ac436008a20bd91cc9fef4ea59f7937"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 05 Jul 2024 23:59:20 GMT
39a33537d2fe7aa023ef.jpg
tinhbotnghenhungvan.com/wp-content/uploads/2023/12/
48 KB
48 KB
Image
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/uploads/2023/12/39a33537d2fe7aa023ef.jpg
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b63c10cb9b40e2c203cad3244d4fbb27b9af666baa7386132bf92451fc3ae41c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
last-modified
Fri, 22 Dec 2023 07:30:28 GMT
server
nginx
etag
"65853b14-c03e"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
49214
hotline-1.png
tinhbotnghenhungvan.com/wp-content/uploads/2021/10/
6 KB
6 KB
Image
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/uploads/2021/10/hotline-1.png
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7ad609a64152d096681a5a726c69248c6ae38912bc10e7062fc618b41b06482f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:16 GMT
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
server
nginx
etag
"616f896b-1732"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
5938
14348243-0-phone-calling-1528453278.gif
tinhbotnghenhungvan.com/wp-content/uploads/2019/02/
204 KB
204 KB
Image
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/uploads/2019/02/14348243-0-phone-calling-1528453278.gif
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
60b5a7f8395205d2d4d8c1d53c7fe09d35266cd60ed0332510f77060ff530236

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
server
nginx
etag
"616f896b-32fad"
x-powered-by
PleskLin
content-type
image/gif
accept-ranges
bytes
content-length
208813
scripts.js
tinhbotnghenhungvan.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 03:13:46 GMT
server
nginx
etag
W/"616f896a-3868"
x-powered-by
PleskLin
content-type
application/javascript
hoverIntent.min.js
tinhbotnghenhungvan.com/wp-includes/js/
1 KB
813 B
Script
General
Full URL
https://tinhbotnghenhungvan.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
nginx
etag
W/"625095f6-5db"
x-powered-by
PleskLin
content-type
application/javascript
flatsome.js
tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/js/
158 KB
44 KB
Script
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.7.2
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b2ed89fbfda19e3847417484aa06e2f3f7ed40f5050d2449837e9c36b8ffa41d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
server
nginx
etag
W/"616f896b-2765b"
x-powered-by
PleskLin
content-type
application/javascript
flatsome-lazy-load.js
tinhbotnghenhungvan.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/
2 KB
523 B
Script
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=1.0
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7407d96e239bc7431747fa8daced7f4f650d80a082db406520cd125842773591

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
server
nginx
etag
W/"616f896b-66b"
x-powered-by
PleskLin
content-type
application/javascript
29fbd039-c2ef-4191-90ac-4514beaef9d8
https://tinhbotnghenhungvan.com/
1 KB
0
Other
General
Full URL
blob:https://tinhbotnghenhungvan.com/29fbd039-c2ef-4191-90ac-4514beaef9d8
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 06:50:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Jul 2025 06:50:11 GMT
group.php
www.facebook.com/plugins/ Frame 7A83
0
0
Document
General
Full URL
https://www.facebook.com/plugins/group.php?href=https://www.facebook.com/groups/267651372508111&width=280&show_metadata=false&appId=1900732326672850&height=235
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://tinhbotnghenhungvan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
same-origin
date
Fri, 05 Jul 2024 23:48:17 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388302804221285708"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388302804221285708", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=0, c=10, mss=1297, tbw=2781, tp=-1, tpl=-1, uplat=150, ullat=0
x-fb-debug
/T8+1LR3Osemvzu93PqDhmmYjyXYLmp2v/lXdVJVNRmQ4GkZhkY/Zz2/L6PoT1d4jqqLbpUDYBYp+Ws6WXxfUQ==
x-xss-protection
0
fl-icons.css
tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/
369 B
329 B
Stylesheet
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/fl-icons.css
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
28f4c609a2b8bc8fe9f7309107c7c9ba63d2880ff4080924dbf7ff46ab4d79f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
content-encoding
br
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
x-accel-version
0.01
server
nginx
etag
W/"171-5cec02a94f0c0"
x-powered-by
PleskLin
content-type
text/css
cropped-39a33537d2fe7aa023ef.jpg
tinhbotnghenhungvan.com/wp-content/uploads/2023/12/
29 KB
30 KB
Image
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/uploads/2023/12/cropped-39a33537d2fe7aa023ef.jpg
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fdc16f6860f3cdc2125ebbbb263a6fe57f41be1fdfe510676459fc8694cb6c0e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
last-modified
Fri, 22 Dec 2023 07:31:04 GMT
server
nginx
etag
"65853b38-755e"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
30046
thong-bao.png
tinhbotnghenhungvan.com/wp-content/uploads/2019/02/
10 KB
10 KB
Image
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/uploads/2019/02/thong-bao.png
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0a3984617bdd26e8134a871437d390b1a0d42e80c27b4050d9a9f5096336e9a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:17 GMT
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
server
nginx
etag
"616f896b-264e"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
9806
sdk.js
connect.facebook.net/vi_VN/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/vi_VN/sdk.js?hash=a6d40419f1e78ef740331d58a9f53e82
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
b7923f0d9b29ebcdba1985fe0aaf581fab506f3f94759eb289e809eb9af1176e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/
Origin
https://tinhbotnghenhungvan.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 23:48:17 GMT
content-md5
4rmdJemDje6OKqozUtbHYw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89189
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=23, mss=1232, tbw=4304, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug
NHAnSxGvkkR8S5Gdgo/QEvWZMhcXxDBq+eMje6Hy8EdC9VQKLDCsNpnqhQmBg/hPQjQTpB3gM55YDHcfhOBnzg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ab985a2edbfa455e1d6c75edca546c58
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"9dd75c04afe0063dd9ad6f8fb44acf99"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 05 Jul 2025 23:28:00 GMT
css
fonts.googleapis.com/
0
0

neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v30/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9zoKmMw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://tinhbotnghenhungvan.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 13:06:49 GMT
x-content-type-options
nosniff
age
124888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33896
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 13:06:49 GMT
fl-icons.woff2
tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/icons/
5 KB
6 KB
Font
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/fl-icons.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/css/fl-icons.css
Origin
https://tinhbotnghenhungvan.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:18 GMT
last-modified
Wed, 20 Oct 2021 03:13:47 GMT
server
nginx
etag
"616f896b-1578"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
5496
wp-emoji-release.min.js
tinhbotnghenhungvan.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://tinhbotnghenhungvan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.5
Requested by
Host: tinhbotnghenhungvan.com
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:18 GMT
content-encoding
br
last-modified
Thu, 02 Feb 2023 00:53:24 GMT
server
nginx
etag
W/"63db0984-4904"
x-powered-by
PleskLin
content-type
application/javascript
cropped-39a33537d2fe7aa023ef-32x32.jpg
tinhbotnghenhungvan.com/wp-content/uploads/2023/12/
1 KB
1 KB
Other
General
Full URL
https://tinhbotnghenhungvan.com/wp-content/uploads/2023/12/cropped-39a33537d2fe7aa023ef-32x32.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.171.113.239 , Viet Nam, ASN140822 (ANPHATIDC-VSIS-AS-VN ANPHATIDC, VN),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6600e9e83bc4821c1ec887ccd2fd94230a2fe2429edb6b5311fc020a37e36397

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:48:18 GMT
last-modified
Fri, 22 Dec 2023 07:31:05 GMT
server
nginx
etag
"65853b39-4f0"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
1264

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=-apple-system,+BlinkMacSystemFont,+&quot;Segoe+UI&quot;,+Roboto,+Oxygen-Sans,+Ubuntu,+Cantarell,+&quot;Helvetica+Neue&quot;,+sans-serif:regular,regular%7C-apple-system,+BlinkMacSystemFont,+&quot;Segoe+UI&quot;,+Roboto,+Oxygen-Sans,+Ubuntu,+Cantarell,+&quot;Helvetica+Neue&quot;,+sans-serif:regular,regular%7C-apple-system,+BlinkMacSystemFont,+&quot;Segoe+UI&quot;,+Roboto,+Oxygen-Sans,+Ubuntu,+Cantarell,+&quot;Helvetica+Neue&quot;,+sans-serif:regular,regular%7CLobster:regular,regular


23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| _wpemojiSettings
undefined| $
function| jQuery
object| WebFontConfig
object| fl_icons
object| fl_icons_insert
object| wpcf7
object| FB
object| WebFont
object| flatsomeVars
object| __buffer
function| StickySidebar
function| Waypoint
object| __core-js_shared__
object| Flatsome
string| waypointContextKey
function| cookie
object| twemoji
object| wp

0 Cookies

2 Console Messages

Source: network
Level: error
URL: https://tinhbotnghenhungvan.com/oko/8061dbd2479f9ba/phone.php?verification
Message: Failed to load resource: the server responded with a status of 404 ()

Source: deprecation
Level: warning
URL: https://tinhbotnghenhungvan.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.7.2 (Line 70)
Message: Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
