urlscan.io logo urlscan.io
SecurityTrails logo

thietkewebkhoinghiep.com Open in urlscan Pro
2606:4700:30::681f:432b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://diyarbakirkardelenhaliyikama.com/
Effective URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Submission: On December 09 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 47 HTTP transactions. The main IP is 2606:4700:30::681f:432b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is thietkewebkhoinghiep.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on June 21st 2019. Valid for: a year.
This is the only time thietkewebkhoinghiep.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.12.108.109 58059 (WIFIBER)
40 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
47 3
Domain Requested by
40 thietkewebkhoinghiep.com thietkewebkhoinghiep.com
6 fonts.gstatic.com thietkewebkhoinghiep.com
1 fonts.googleapis.com thietkewebkhoinghiep.com
1 diyarbakirkardelenhaliyikama.com 1 redirects
47 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-06-21 -
2020-06-20		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Frame ID: 30964C53D66E30770EA8A903F484DB24
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://diyarbakirkardelenhaliyikama.com/ HTTP 301
    https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • meta generator /WooCommerce ([\d.]+)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

658 kB
Transfer

1722 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://diyarbakirkardelenhaliyikama.com/ HTTP 301
    https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Payment_Remittance_7th_Oct_pdf.jar
thietkewebkhoinghiep.com/wp-admin/includes/
Redirect Chain
  • https://diyarbakirkardelenhaliyikama.com/
  • https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
47 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.3.12
Resource Hash
ab9c00d5bb803d577408c43d0fb792b26f6cc82b917c30e64ef38ac586033033

Request headers

:method
GET
:authority
thietkewebkhoinghiep.com
:scheme
https
:path
/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
404
date
Mon, 09 Dec 2019 12:15:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2853b87be7134d171c50642b8a3309ba1575893712; expires=Wed, 08-Jan-20 12:15:12 GMT; path=/; domain=.thietkewebkhoinghiep.com; HttpOnly
x-powered-by
PHP/7.3.12
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-transform, no-cache, no-store, must-revalidate
link
<https://thietkewebkhoinghiep.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5426e73668c3cbb8-VIE

Redirect headers

status
301
date
Mon, 09 Dec 2019 12:06:15 GMT
server
Apache/2
location
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
content-length
293
content-type
text/html; charset=iso-8859-1
style.min.css
thietkewebkhoinghiep.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249c3cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
style.css
thietkewebkhoinghiep.com/wp-content/plugins/woo-gutenberg-products-block/build/ 		64 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woo-gutenberg-products-block/build/style.css?ver=2.5.2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b008aab2f7b2bb6137c5c1d5fdc6d8df2dc5887ea29c26e7e17573dbfcb6faa

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 04:35:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249c7cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
styles.css
thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 04:34:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249cacbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
jquery.selectBox.css
thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/ 		3 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249cdcbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
fl-icons.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/ 		328 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249d0cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
wishlist.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/ 		1 KB
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.4
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ed04df4c5d5e4d772e49b8daadfbbcd7671f37b5c05a34ba3d9174bf998bb5

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249d1cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
jquery.fancybox.min.css
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css?ver=1.3.24
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249d2cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
button-styles.css
thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249d4cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
flatsome.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/ 		134 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d6c2d3795e8637c70c4e2123c1ee20b30ffaabf9838eec6fce5f9b379e3116

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249d6cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
flatsome-shop.css
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b331d8cfdf7d80600c17408ce244f8c32026cb8636d36fb112ec6bd392fa5b33

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249d7cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
style.css
thietkewebkhoinghiep.com/wp-content/themes/createwebsite/ 		302 B
306 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/createwebsite/style.css?ver=3.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de33fc8292d42d68419b575e7eea1f87418c16ad247e49edcc585f917057f99e

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249d9cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
css
fonts.googleapis.com/ 		6 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7cab404900fdaeecd6633d00707acb289d2a8ab898fa53e2084bad8f534cfded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 09 Dec 2019 12:15:14 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 09 Dec 2019 12:15:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 09 Dec 2019 12:15:14 GMT
jquery.js
thietkewebkhoinghiep.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249dacbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
jquery-migrate.min.js
thietkewebkhoinghiep.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74249dccbb8-VIE
expires
Mon, 16 Dec 2019 12:15:12 GMT
wp-emoji-release.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e747bfd8cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
jquery.selectBox.min.js
thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdb0cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
jquery.yith-wcwl.js
thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.17
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2395683ce82442577bf579c2e04c631b752ca49ab04fe3efdf2283166a11ae5

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdb7cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
scripts.js
thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 04:34:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdb8cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
jquery.blockUI.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdbacbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
add-to-cart.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdbccbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
js.cookie.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdbdcbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
woocommerce.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		1 KB
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdbecbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
cart-fragments.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdc0cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
hoverIntent.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		1 KB
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdc1cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
flatsome.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/ 		167 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
781fc24f9f38eb379326a33a232463e33d9ce0f4f4d22ca4906e04a819d6f4df

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdc2cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
wishlist.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/ 		2 KB
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.4
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d95e01326cef01f9201afedf4011d8f33ac974d46a11c9f131ae3cbe81c9004

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdc3cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
flatsome-live-search.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdc5cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
jquery.fancybox.min.js
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdc7cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
jquery.easing.min.js
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/ 		2 KB
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdcbcbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
jquery.mousewheel.min.js
thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e743fdcccbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
woocommerce.js
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.10.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad87d622ea0817487dea2435dea7426391a986bcf94901aa38df6562da28a36

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e7440deccbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
wp-embed.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		1 KB
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/wp-embed.min.js?ver=5.3
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e7440df0cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
zxcvbn-async.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		318 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00289747a2226be149b8094330ccb739ae7ec8edd090127ca809df7ca75bc653

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e7440df2cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
password-strength-meter.min.js
thietkewebkhoinghiep.com/wp-admin/js/ 		731 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-admin/js/password-strength-meter.min.js?ver=5.3
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7dc66a8ff71c7f96c5fb62f4153f69f5348c64df9cfd083684d7cb317c4f986

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e7440df3cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
password-strength-meter.min.js
thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		2 KB
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=3.8.1
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
980033b7b56674d053655bdcfca7b5db49f6305b5fd5654ed9fd18eb324ad81e

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:23:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e7440df4cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
dashicons.min.css
thietkewebkhoinghiep.com/wp-includes/css/ 		46 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/css/dashicons.min.css
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e745babfcbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
font-awesome.min.css
thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		86 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e745bac6cbb8-VIE
expires
Mon, 16 Dec 2019 12:15:13 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1543134
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 20 Nov 2020 15:36:21 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Wed, 20 Nov 2019 18:56:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1617503
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Thu, 19 Nov 2020 18:56:52 GMT
fl-icons.woff2
thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/icons/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://thietkewebkhoinghiep.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Mon, 09 Dec 2019 12:15:16 GMT
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:24:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
status
200
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
5426e74b18c7cbb8-VIE
content-length
6128
expires
Mon, 16 Dec 2019 12:15:14 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Wed, 20 Nov 2019 19:03:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1617076
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
0
expires
Thu, 19 Nov 2020 19:03:59 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Thu, 21 Nov 2019 17:16:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
1537140
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8024
x-xss-protection
0
expires
Fri, 20 Nov 2020 17:16:15 GMT
/
thietkewebkhoinghiep.com/ 		537 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.3.12
Resource Hash
602ebf07f6062d691bd6944ee4e7ea5473af3f9005e52562cd85db65ec85650c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Origin
https://thietkewebkhoinghiep.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 09 Dec 2019 12:15:16 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-powered-by
PHP/7.3.12
cf-ray
5426e74b698dcbb8-VIE
status
200
content-length
537
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://thietkewebkhoinghiep.com
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfCxc4AMP6lbBP.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Wed, 20 Nov 2019 19:14:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
1616446
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3352
x-xss-protection
0
expires
Thu, 19 Nov 2020 19:14:29 GMT
KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
Origin
https://thietkewebkhoinghiep.com

Response headers

date
Thu, 21 Nov 2019 04:05:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
1584587
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
3384
x-xss-protection
0
expires
Fri, 20 Nov 2020 04:05:28 GMT
zxcvbn.min.js
thietkewebkhoinghiep.com/wp-includes/js/ 		803 KB
380 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thietkewebkhoinghiep.com/wp-includes/js/zxcvbn.min.js
Requested by
Host: thietkewebkhoinghiep.com
URL: https://thietkewebkhoinghiep.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:432b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728

Request headers

Referer
https://thietkewebkhoinghiep.com/wp-admin/includes/Payment_Remittance_7th_Oct_pdf.jar
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 12:15:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 30 Nov 2019 04:04:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
5426e74ebaffcbb8-VIE
expires
Mon, 16 Dec 2019 12:15:14 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| twemoji object| wp object| _nsl undefined| $ function| jQuery string| c function| SelectBox object| yith_wcwl_l10n object| wpcf7 object| wc_add_to_cart_params function| Cookies object| woocommerce_params object| wc_cart_fragments_params object| flatsomeVars function| StickySidebar function| Waypoint object| __core-js_shared__ object| Flatsome string| waypointContextKey object| jQuery1124042377054643240886 function| objectFitImages function| cookie function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| _zxcvbnSettings object| pwsL10n function| passwordStrength object| wc_password_strength_meter_params function| zxcvbn

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://thietkewebkhoinghiep.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

diyarbakirkardelenhaliyikama.com
fonts.googleapis.com
fonts.gstatic.com
thietkewebkhoinghiep.com
185.12.108.109
2606:4700:30::681f:432b
2a00:1450:4001:818::2003
2a00:1450:4001:825::200a
00289747a2226be149b8094330ccb739ae7ec8edd090127ca809df7ca75bc653
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
15244ca7aea2452ed1d66b0bd2aac4ba82e6bc59cd064761788d8494a9ab2728
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2b008aab2f7b2bb6137c5c1d5fdc6d8df2dc5887ea29c26e7e17573dbfcb6faa
2d8747d26eba68a46f768d99eebf4b4624a37b2a3bd83d4a6934939e62846972
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e80291b8d8065e35b7515fe06df9dcdd88dd0ea6b5fa23f847ea6b80ad1a8e0
4efba2511ac7b398ee519551405416b684264c28f052829e9dd86bb836257d90
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea
558968cce04d4dffad0792278f0c14ab5e5b9f828ac3beeb9b900c448243f2da
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d95e01326cef01f9201afedf4011d8f33ac974d46a11c9f131ae3cbe81c9004
602ebf07f6062d691bd6944ee4e7ea5473af3f9005e52562cd85db65ec85650c
6742ec1271dff587e859a90ce7e4bee26cfd60625f5bb95325650c6b04afda8d
69ed04df4c5d5e4d772e49b8daadfbbcd7671f37b5c05a34ba3d9174bf998bb5
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
781fc24f9f38eb379326a33a232463e33d9ce0f4f4d22ca4906e04a819d6f4df
7b082daadd28b14604f37e9476dab0a901dbc19f82808056e27be8ca2af1fd98
7cab404900fdaeecd6633d00707acb289d2a8ab898fa53e2084bad8f534cfded
875614250bc202cfce4176b3abc9bbc5ae9932c76e83145e1247928d295cd694
8ad87d622ea0817487dea2435dea7426391a986bcf94901aa38df6562da28a36
91d6c2d3795e8637c70c4e2123c1ee20b30ffaabf9838eec6fce5f9b379e3116
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
980033b7b56674d053655bdcfca7b5db49f6305b5fd5654ed9fd18eb324ad81e
ab9c00d5bb803d577408c43d0fb792b26f6cc82b917c30e64ef38ac586033033
b331d8cfdf7d80600c17408ce244f8c32026cb8636d36fb112ec6bd392fa5b33
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
de33fc8292d42d68419b575e7eea1f87418c16ad247e49edcc585f917057f99e
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
f2395683ce82442577bf579c2e04c631b752ca49ab04fe3efdf2283166a11ae5
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
f7dc66a8ff71c7f96c5fb62f4153f69f5348c64df9cfd083684d7cb317c4f986
fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6