URL: https://www.test.tuyenquangpost.com/
Submission: On May 16 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 31 HTTP transactions. The main IP is 172.96.191.100, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is www.test.tuyenquangpost.com.
TLS certificate: Issued by R3 on May 16th 2021. Valid for: 3 months.
This is the only time www.test.tuyenquangpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
11        172.96.191.100     59253 (LEASEWEB-...)
2         2a00:1450:400...   15169 (GOOGLE)
1         2a00:1450:400...   15169 (GOOGLE)
1         103.196.16.7       131438 (VNPOST-AS...)
7         2a00:1450:400...   15169 (GOOGLE)
6         2a00:1450:400...   15169 (GOOGLE)
3         2a00:1450:400...   15169 (GOOGLE)
Total: 31 requests, 8 IPs
Requests  Domain                        Requested by
11        www.test.tuyenquangpost.com   www.test.tuyenquangpost.com
7         fonts.gstatic.com             fonts.googleapis.com, www.google.com
6         www.gstatic.com               www.google.com, www.gstatic.com
4         www.google.com                www.test.tuyenquangpost.com, www.gstatic.com
2         fonts.googleapis.com          www.test.tuyenquangpost.com
1         pud.vnpost.vn                 www.test.tuyenquangpost.com
Total: 31 requests, 6 domains listed

This site contains no links.

Subject                       Issuer                 Validity                   Valid
www.test.tuyenquangpost.com   R3                     2021-05-16 - 2021-08-14    3 months
upload.video.google.com       GTS CA 1O1             2021-04-13 - 2021-07-06    3 months
www.google.com                GTS CA 1C3             2021-04-13 - 2021-07-06    3 months
*.vnpost.vn                   GeoTrust RSA CA 2018   2020-04-17 - 2022-07-17    2 years
*.google.com                  GTS CA 1O1             2021-04-13 - 2021-07-06    3 months

This page contains 3 frames:

Primary Page: https://www.test.tuyenquangpost.com/
Frame ID: A054678A93C615F08B802614575E1108
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&co=aHR0cHM6Ly93d3cudGVzdC50dXllbnF1YW5ncG9zdC5jb206NDQz&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=eofdmgq64zvo
Frame ID: AADEF8834CB0EF031C5B6F38E3587C87
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&cb=ee93yg7yjkht
Frame ID: 158464DC296189F9662CF41167BE8558
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<div[^>]+class="g-recaptcha"/i
  • script /\/recaptcha\/api\.js/i

Page Statistics

31 Requests
100 % HTTPS
71 % IPv6
5 Domains
6 Subdomains
8 IPs
3 Countries
800 kB Transfer
1892 kB Size
2 Cookies

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.test.tuyenquangpost.com/
4 KB
2 KB
Document
General
Full URL
https://www.test.tuyenquangpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/7.3.27
Resource Hash
3ab7d631744106001af0b9858b0f36d331a7521dba9ba270e21c573d05da9e27

Request headers

:method
GET
:authority
www.test.tuyenquangpost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by
PHP/7.3.27
cache-control
no-cache, private
content-type
text/html; charset=UTF-8
set-cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; expires=Sun, 16-May-2021 08:35:39 GMT; Max-Age=7200; path=/; secure quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D; expires=Sun, 16-May-2021 08:35:39 GMT; Max-Age=7200; path=/; httponly; secure
content-length
1514
content-encoding
br
vary
Accept-Encoding
date
Sun, 16 May 2021 06:35:39 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
bootstrap.min.css
www.test.tuyenquangpost.com/assets/plugins/klorofil/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/klorofil/css/bootstrap.min.css
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
e2544ff4a43bb71012775c6ddac809182ce0588c4cda706fdf65e217e9105c2b

Request headers

:path
/assets/plugins/klorofil/css/bootstrap.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:39 GMT
content-encoding
br
last-modified
Thu, 22 Aug 2019 00:59:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18278
expires
Sun, 23 May 2021 06:35:39 GMT
font-awesome.min.css
www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/font-awesome/css/font-awesome.min.css
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path
/assets/plugins/klorofil/vendor/font-awesome/css/font-awesome.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:39 GMT
content-encoding
br
last-modified
Mon, 20 Mar 2017 22:19:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6658
expires
Sun, 23 May 2021 06:35:39 GMT
style.css
www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/linearicons/
8 KB
1 KB
Stylesheet
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/linearicons/style.css
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
f5c203b6416a054de195921e85165e4d66fd303ea8d20982a190fede7b673576

Request headers

:path
/assets/plugins/klorofil/vendor/linearicons/style.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:39 GMT
content-encoding
br
last-modified
Mon, 20 Mar 2017 22:19:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1501
expires
Sun, 23 May 2021 06:35:39 GMT
toastr.min.css
www.test.tuyenquangpost.com/assets/plugins/toastr/
6 KB
3 KB
Stylesheet
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/toastr/toastr.min.css
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

Request headers

:path
/assets/plugins/toastr/toastr.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:39 GMT
content-encoding
br
last-modified
Sun, 17 Jun 2018 05:54:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2654
expires
Sun, 23 May 2021 06:35:39 GMT
main.css
www.test.tuyenquangpost.com/assets/plugins/klorofil/css/
205 KB
30 KB
Stylesheet
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/klorofil/css/main.css
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
1fd8f4b65e534d5ab83d876438539e62fda6ae62b5a350fe1e79b105ecf95c08

Request headers

:path
/assets/plugins/klorofil/css/main.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:39 GMT
content-encoding
br
last-modified
Fri, 27 Sep 2019 14:45:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30514
expires
Sun, 23 May 2021 06:35:39 GMT
css
fonts.googleapis.com/
9 KB
842 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 May 2021 04:49:55 GMT
server
ESF
date
Sun, 16 May 2021 06:35:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 May 2021 06:35:39 GMT
jquery-3.4.1.min.js
www.test.tuyenquangpost.com/assets/plugins/jquery-3.4.1/
86 KB
29 KB
Script
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/jquery-3.4.1/jquery-3.4.1.min.js
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path
/assets/plugins/jquery-3.4.1/jquery-3.4.1.min.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:39 GMT
content-encoding
br
last-modified
Sat, 01 Jun 2019 21:22:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30047
expires
Sun, 23 May 2021 06:35:39 GMT
logo.png
www.test.tuyenquangpost.com/assets/images/
3 KB
3 KB
Image
General
Full URL
https://www.test.tuyenquangpost.com/assets/images/logo.png
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
e4a6f23ddc8fe3528574fc0e693e551d6e8f6c7f83d1015c4c5f6fe99570dd98

Request headers

:path
/assets/images/logo.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:40 GMT
last-modified
Fri, 23 Aug 2019 14:14:08 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2848
expires
Sun, 23 May 2021 06:35:40 GMT
toastr.min.js
www.test.tuyenquangpost.com/assets/plugins/toastr/
5 KB
2 KB
Script
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/toastr/toastr.min.js
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
1e0c2ad4e069276efa1d43fd1f7549912bfd64219119037e26574f27ca4d7143

Request headers

:path
/assets/plugins/toastr/toastr.min.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:40 GMT
content-encoding
br
last-modified
Sun, 17 Jun 2018 05:54:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1884
expires
Sun, 23 May 2021 06:35:40 GMT
api.js
www.google.com/recaptcha/
909 B
671 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03b8a0b98ba21fab12268d4e443e79ef6342a375d5c1850839615eec79d401fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 06:35:40 GMT
ajax.js
www.test.tuyenquangpost.com/ajax/
1 KB
536 B
Script
General
Full URL
https://www.test.tuyenquangpost.com/ajax/ajax.js
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
d5240755e4fa06b4349953cb6c6f9edb5e2844f49e574519f1e789c37f2cb3b0

Request headers

:path
/ajax/ajax.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:40 GMT
content-encoding
br
last-modified
Sat, 28 Dec 2019 01:46:30 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
441
expires
Sun, 23 May 2021 06:35:40 GMT
css
fonts.googleapis.com/
8 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/assets/plugins/klorofil/css/main.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 16 May 2021 06:16:59 GMT
server
ESF
date
Sun, 16 May 2021 06:35:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 May 2021 06:35:40 GMT
loginBg.jpg
pud.vnpost.vn/Assets/img/
80 KB
80 KB
Image
General
Full URL
https://pud.vnpost.vn/Assets/img/loginBg.jpg
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/assets/plugins/klorofil/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.196.16.7 , Viet Nam, ASN131438 (VNPOST-AS-VN VIETNAM POST, VN),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
051c3bb8d973bc437b68ed3a7e731972d6281700e11db2f0d4412b5a06c679c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 16 May 2021 06:37:54 GMT
X-Permitted-Cross-Domain-Policies
master-only
X-Powered-By
ASP.NET
Content-Length
81805
X-Xss-Protection
1; mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 07 Aug 2018 07:37:02 GMT
Server
Microsoft-IIS/8.5
ETag
"fa7696e212ed41:0"
expect-ct
max-age=604800
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Download-Options
noopen
Content-Type
image/jpeg
Cache-control
private
Feature-Policy
usb 'none'
Accept-Ranges
bytes
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.test.tuyenquangpost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 04:23:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
7937
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Mon, 16 May 2022 04:23:23 GMT
fontawesome-webfont.woff2
www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/font-awesome/fonts/
75 KB
75 KB
Font
General
Full URL
https://www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/font-awesome/css/font-awesome.min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.96.191.100 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
172.96.191.100-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode
cors
origin
https://www.test.tuyenquangpost.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
XSRF-TOKEN=eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9; quanlycongno_session=eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
:path
/assets/plugins/klorofil/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.test.tuyenquangpost.com
referer
https://www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/font-awesome/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.test.tuyenquangpost.com
Referer
https://www.test.tuyenquangpost.com/assets/plugins/klorofil/vendor/font-awesome/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:40 GMT
last-modified
Mon, 20 Mar 2017 22:19:16 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
77160
content-type
font/woff2
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.test.tuyenquangpost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 01:43:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
276728
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Fri, 13 May 2022 01:43:32 GMT
KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.test.tuyenquangpost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 21:19:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:30 GMT
server
sffe
age
465380
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11812
x-xss-protection
0
expires
Tue, 10 May 2022 21:19:20 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.test.tuyenquangpost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:35:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:33 GMT
server
sffe
age
226798
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
expires
Fri, 13 May 2022 15:35:42 GMT
KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ab35825889046cbb84b4651b8558f1bad5675df801ec18fd871b124dbbd7a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.test.tuyenquangpost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:03 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
226297
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5460
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:03 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb56f0e08adb026eb4e4b28c2fc33b35ce3ddf30a075f9906ec14caff095fa3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.test.tuyenquangpost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
226298
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Fri, 13 May 2022 15:44:02 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.test.tuyenquangpost.com
Referer
https://www.test.tuyenquangpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 22:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27918
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134136
x-xss-protection
0
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 May 2022 22:50:22 GMT
anchor
www.google.com/recaptcha/api2/ Frame AADE
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&co=aHR0cHM6Ly93d3cudGVzdC50dXllbnF1YW5ncG9zdC5jb206NDQz&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=eofdmgq64zvo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b7e62a5ceea7f29911611d4eeee50d88bb21bc90ce6bbe63bd71e4155e58cd0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/oasuzQE+9FOcdxpoO7ONw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&co=aHR0cHM6Ly93d3cudGVzdC50dXllbnF1YW5ncG9zdC5jb206NDQz&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=eofdmgq64zvo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.test.tuyenquangpost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.test.tuyenquangpost.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 16 May 2021 06:35:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-/oasuzQE+9FOcdxpoO7ONw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20042
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame AADE
51 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&co=aHR0cHM6Ly93d3cudGVzdC50dXllbnF1YW5ncG9zdC5jb206NDQz&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=eofdmgq64zvo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 02:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
age
13433
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Mon, 16 May 2022 02:51:47 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame AADE
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&co=aHR0cHM6Ly93d3cudGVzdC50dXllbnF1YW5ncG9zdC5jb206NDQz&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=eofdmgq64zvo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 22:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27918
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134136
x-xss-protection
0
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 May 2022 22:50:22 GMT
truncated
/ Frame AADE
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AADE
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AADE
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
297789
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Wed, 19 May 2021 19:52:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AADE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&co=aHR0cHM6Ly93d3cudGVzdC50dXllbnF1YW5ncG9zdC5jb206NDQz&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=eofdmgq64zvo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 21:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
377380
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 11 May 2022 21:46:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame AADE
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv
Requested by
Host: www.test.tuyenquangpost.com
URL: https://www.test.tuyenquangpost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1fb0140eac079c8f8cc4df2380db9cf976d01b110e68e3924d5dbee0c54bc430
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&co=aHR0cHM6Ly93d3cudGVzdC50dXllbnF1YW5ncG9zdC5jb206NDQz&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=eofdmgq64zvo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 06:35:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 06:35:40 GMT
bframe
www.google.com/recaptcha/api2/ Frame 1584
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&cb=ee93yg7yjkht
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4a0448b202a10b12468ee3b07f04df1115a144005f7945ce88168f7f0a25da5a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vHACTWhsTq9nurvVwGuQAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&cb=ee93yg7yjkht
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.test.tuyenquangpost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.test.tuyenquangpost.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 16 May 2021 06:35:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-vHACTWhsTq9nurvVwGuQAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame 1584
51 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&cb=ee93yg7yjkht
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 02:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
age
13433
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Mon, 16 May 2022 02:51:47 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame 1584
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6LeeT8YZAAAAAHHGBN9MqNrHc7MTfh0owhXlfy6G&cb=ee93yg7yjkht
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 22:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27918
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134136
x-xss-protection
0
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 May 2022 22:50:22 GMT


26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
string| url
object| toastr
number| widgetId1
function| onloadCallback
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha
object| closure_lm_114687

2 Cookies

Domain/Path Name / Value
www.test.tuyenquangpost.com/ Name: quanlycongno_session
Value: eyJpdiI6InJRbldtTzlwUEU3dkhNWGpKQ0w4cGc9PSIsInZhbHVlIjoiTVVjYWNRRDRGQmV5TEh6dGRSZmpJaHlwMGpiRlM0d3hGOTNSVkVndmZERnk0Q2FJMDNlUERcL213OFdBQ2NNOWEiLCJtYWMiOiJmNWQzYzRjNGMwNDA5OWIzMmJjM2I5ZGM2MjA1NGJjNmQ2NWFjMmZjMTVkYTk0MmE2NDNlYmJlMGRiNzcyNWUyIn0%3D
www.test.tuyenquangpost.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlhlbE4zbkpHOUhvYTBzdkJSeWFqeGc9PSIsInZhbHVlIjoiMW8rVG5sNjNCMVoyQlJlVjBcL2lsa2dTT1wvMXVRaVJxVU4zYzdIUTlRRU91bE9ZcGNHZHF4Qis1Q3c1WExVSWNhIiwibWFjIjoiYWY3ZGRlNGI4NGVlNWVmMjk4NDhjMDliOGE4OTNkZTNjNjIxMDEwOGY1NTcxNTZhMDIyOTUzMGE3NWI5NGFhNyJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
