urlscan.io logo urlscan.io
SecurityTrails logo

thietkewebkhoinghiep.com Open in urlscan Pro
2606:4700:30::681f:432b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://diyarbakirkardelenhaliyikama.com/
Effective URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Submission: On December 17 via manual from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 47 HTTP transactions. The main IP is 2606:4700:30::681f:432b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is thietkewebkhoinghiep.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on June 21st 2019. Valid for: a year.
This is the only time thietkewebkhoinghiep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.12.108.109 58059 (WIFIBER)
40 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
47 3
Domain Requested by
40 thietkewebkhoinghiep.com thietkewebkhoinghiep.com
6 fonts.gstatic.com thietkewebkhoinghiep.com
1 fonts.googleapis.com thietkewebkhoinghiep.com
1 diyarbakirkardelenhaliyikama.com 1 redirects
47 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-06-21 -
2020-06-20		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Frame ID: 5FFD2086F735F948DC9CB39D0835C06D
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://diyarbakirkardelenhaliyikama.com/ HTTP 301
    https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

661 kB
Transfer

1731 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://diyarbakirkardelenhaliyikama.com/ HTTP 301
    https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Payment_Remittance_7th_Oct_pdf.jar
thietkewebkhoinghiep.com/wp-admin/includes/
Redirect Chain
  • https://diyarbakirkardelenhaliyikama.com/
  • https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
47 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.3.12
Resource Hash
42e792fc298f3d896eae95f8d2ee8e51b50369feeb9efba23429095342884c37

Request headers

:method
GET
:authority
thietkewebkhoinghiep.com
:scheme
https
:path
/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
404
date
Tue, 17 Dec 2019 10:18:24 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da6db82ca903f6d614d1ba3cc307d7e0a1576577903; expires=Thu, 16-Jan-20 10:18:23 GMT; path=/; domain=.thietkewebkhoinghiep.com; HttpOnly yith_wcwl_session_b3a635cc84030298f21392d6828f8909=%7B%22session_id%22%3A%22301d031f98068c189d73e8da845d83c0%22%2C%22session_expiration%22%3A1579169902%2C%22session_expiring%22%3A1579166302%2C%22cookie_hash%22%3A%229d50ed85bf83f7829781f055c723a831%22%7D; expires=Thu, 16-Jan-2020 10:18:22 GMT; Max-Age=2592000; path=/
x-powered-by
PHP/7.3.12
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-transform, no-cache, no-store, must-revalidate
link
<https://thietkewebkhoinghiep.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5468271969bbcba8-VIE

Redirect headers

status
301
date
Tue, 17 Dec 2019 10:09:18 GMT
server
Apache/2
location
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
content-length
293
content-type
text/html; charset=iso-8859-1
style.min.css
thietkewebkhoinghiep.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203bffcba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
style.css
thietkewebkhoinghiep.com/wp-content/plugins/woo-gutenberg-products-block/build/ 		64 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woo-gutenberg-products-block/build/style.css?ver=2.5.4
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b08ca945ef0177542e082708dce59242964bc533c15608fa4f394486807c749

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 12 Dec 2019 03:23:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c00cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
styles.css
thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 04:34:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c05cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.selectBox.css
thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/ 		3 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Dec 2019 02:34:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c07cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
fl-icons.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/ 		328 B
301 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c09cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
wishlist.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/ 		1 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.4
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ed04df4c5d5e4d772e49b8daadfbbcd7671f37b5c05a34ba3d9174bf998bb5

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c0bcba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.fancybox.min.css
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css?ver=1.3.24
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c0ccba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
button-styles.css
thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c0ecba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
flatsome.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/ 		134 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d6c2d3795e8637c70c4e2123c1ee20b30ffaabf9838eec6fce5f9b379e3116

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c14cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
flatsome-shop.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b331d8cfdf7d80600c17408ce244f8c32026cb8636d36fb112ec6bd392fa5b33

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827203c16cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
style.css
thietkewebkhoinghiep.com/wp-content/themes/createwebsite/ 		302 B
227 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/createwebsite/style.css?ver=3.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de33fc8292d42d68419b575e7eea1f87418c16ad247e49edcc585f917057f99e

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827204c36cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
css
fonts.googleapis.com/ 		6 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7cab404900fdaeecd6633d00707acb289d2a8ab898fa53e2084bad8f534cfded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 17 Dec 2019 10:18:24 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 17 Dec 2019 10:18:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 17 Dec 2019 10:18:24 GMT
jquery.js
thietkewebkhoinghiep.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827204c38cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery-migrate.min.js
thietkewebkhoinghiep.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827204c3acba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
wp-emoji-release.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827206ca5cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.selectBox.min.js
thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Dec 2019 02:34:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827219f86cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.yith-wcwl.js
thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.3
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d7c83a7ca9de6f6e416d1a656b520efc0619506c942cd16cf26eb8ab57b50e3

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 14 Dec 2019 02:34:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af88cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
scripts.js
thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 04:34:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af89cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.blockUI.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af8acba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
add-to-cart.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af8bcba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
js.cookie.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af8ccba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
woocommerce.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		1 KB
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af8dcba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
cart-fragments.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af8ecba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
hoverIntent.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		1 KB
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af8fcba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
flatsome.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/ 		167 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
781fc24f9f38eb379326a33a232463e33d9ce0f4f4d22ca4906e04a819d6f4df

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af90cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
wishlist.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/ 		2 KB
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.4
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d95e01326cef01f9201afedf4011d8f33ac974d46a11c9f131ae3cbe81c9004

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af92cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
flatsome-live-search.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721af93cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.fancybox.min.js
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f861cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.easing.min.js
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/ 		2 KB
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f862cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
jquery.mousewheel.min.js
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f866cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
woocommerce.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad87d622ea0817487dea2435dea7426391a986bcf94901aa38df6562da28a36

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f868cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
wp-embed.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		1 KB
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/wp-embed.min.js?ver=5.3.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f869cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
zxcvbn-async.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		318 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00289747a2226be149b8094330ccb739ae7ec8edd090127ca809df7ca75bc653

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f86acba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
password-strength-meter.min.js
thietkewebkhoinghiep.com/wp-admin/js/ 		731 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-admin/js/password-strength-meter.min.js?ver=5.3.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7dc66a8ff71c7f96c5fb62f4153f69f5348c64df9cfd083684d7cb317c4f986

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f86bcba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
password-strength-meter.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		2 KB
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
980033b7b56674d053655bdcfca7b5db49f6305b5fd5654ed9fd18eb324ad81e

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
54682721f86ccba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
dashicons.min.css
thietkewebkhoinghiep.com/wp-includes/css/ 		46 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/css/dashicons.min.css
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827242e0fcba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
font-awesome.min.css
thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		86 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
546827242e10cba8-VIE
expires
Tue, 24 Dec 2019 10:18:23 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2351562
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Fri, 22 Nov 2019 04:03:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2182522
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:03:04 GMT
fl-icons.woff2
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/icons/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Tue, 17 Dec 2019 10:18:26 GMT
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
546827298de1cba8-VIE
content-length
6128
expires
Tue, 24 Dec 2019 10:18:24 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Fri, 22 Nov 2019 04:05:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2182381
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:05:25 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Wed, 20 Nov 2019 01:26:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
2364733
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8024
x-xss-protection
0
expires
Thu, 19 Nov 2020 01:26:13 GMT
/
thietkewebkhoinghiep.com/ 		537 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.3.12
Resource Hash
602ebf07f6062d691bd6944ee4e7ea5473af3f9005e52562cd85db65ec85650c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Origin
https://thietkewebkhoinghiep.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 17 Dec 2019 10:18:27 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
PHP/7.3.12
cf-ray
54682729dec7cba8-VIE
status
200
content-length
537
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thietkewebkhoinghiep.com
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Wed, 20 Nov 2019 23:39:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
2284730
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3352
x-xss-protection
0
expires
Thu, 19 Nov 2020 23:39:36 GMT
KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Wed, 20 Nov 2019 05:07:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
2351469
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3384
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:07:17 GMT
zxcvbn.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		803 KB
380 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/zxcvbn.min.js
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 10:18:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5468272d4f3dcba8-VIE
expires
Tue, 24 Dec 2019 10:18:25 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| twemoji object| wp object| _nsl undefined| $ function| jQuery string| c function| SelectBox object| yith_wcwl_l10n object| wpcf7 object| wc_add_to_cart_params function| Cookies object| woocommerce_params object| wc_cart_fragments_params object| flatsomeVars function| StickySidebar function| Waypoint object| __core-js_shared__ object| Flatsome string| waypointContextKey object| jQuery112406650217239681848 function| objectFitImages function| cookie function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| _zxcvbnSettings object| pwsL10n function| passwordStrength object| wc_password_strength_meter_params function| zxcvbn

2 Cookies

Domain/Path Name / Value
thietkewebkhoinghiep.com/ Name: yith_wcwl_session_b3a635cc84030298f21392d6828f8909
Value: %7B%22session_id%22%3A%22301d031f98068c189d73e8da845d83c0%22%2C%22session_expiration%22%3A1579169902%2C%22session_expiring%22%3A1579166302%2C%22cookie_hash%22%3A%229d50ed85bf83f7829781f055c723a831%22%7D
.thietkewebkhoinghiep.com/ Name: __cfduid
Value: da6db82ca903f6d614d1ba3cc307d7e0a1576577903

1 Console Messages

Source Level URL
Text
console-api log URL: https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

diyarbakirkardelenhaliyikama.com
fonts.googleapis.com
fonts.gstatic.com
thietkewebkhoinghiep.com
185.12.108.109
2606:4700:30::681f:432b
2a00:1450:4001:80b::2003
2a00:1450:4001:81f::200a
00289747a2226be149b8094330ccb739ae7ec8edd090127ca809df7ca75bc653
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2b08ca945ef0177542e082708dce59242964bc533c15608fa4f394486807c749
2d7c83a7ca9de6f6e416d1a656b520efc0619506c942cd16cf26eb8ab57b50e3
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
42e792fc298f3d896eae95f8d2ee8e51b50369feeb9efba23429095342884c37
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d95e01326cef01f9201afedf4011d8f33ac974d46a11c9f131ae3cbe81c9004
602ebf07f6062d691bd6944ee4e7ea5473af3f9005e52562cd85db65ec85650c
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
69ed04df4c5d5e4d772e49b8daadfbbcd7671f37b5c05a34ba3d9174bf998bb5
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
781fc24f9f38eb379326a33a232463e33d9ce0f4f4d22ca4906e04a819d6f4df
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98
7cab404900fdaeecd6633d00707acb289d2a8ab898fa53e2084bad8f534cfded
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694
8ad87d622ea0817487dea2435dea7426391a986bcf94901aa38df6562da28a36
91d6c2d3795e8637c70c4e2123c1ee20b30ffaabf9838eec6fce5f9b379e3116
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
980033b7b56674d053655bdcfca7b5db49f6305b5fd5654ed9fd18eb324ad81e
b331d8cfdf7d80600c17408ce244f8c32026cb8636d36fb112ec6bd392fa5b33
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
de33fc8292d42d68419b575e7eea1f87418c16ad247e49edcc585f917057f99e
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
f7dc66a8ff71c7f96c5fb62f4153f69f5348c64df9cfd083684d7cb317c4f986
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6