| otoviethan.vn/wp-content/plugins/button-contact-vr/img/phone.png | 104.21.20.86 | 200 OK | 952 B |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/button-contact-vr/img/phone.png IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Hash: a48ce4305cb2dc71a11d1d488b3324ae c329352ae45a42489fce48dcc5594f3db8c52028 6c3669b8e2c8d60c9eb6b00acf6b79c7fa2d976ed3cb7ead7f4de59fbfd52fba
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/plugins/button-contact-vr/img/phone.png HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: image/png
content-length: 952
last-modified: Tue, 02 Apr 2024 17:00:54 GMT
etag: "660c39c6-3b8"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbCPf5FqMyIRxWaFP5RtVqsPPI4zb%2F3a9J%2FDMGpEM1sVH7%2FB9L26JpzUrmZEbpof1QS%2Fv1U%2BzDDEb18kl7lk9JPZG0UhzNmu5NBz0viB6wI8gMI15chhls7njnD55Rn9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d08a7a56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2023/01/a9493c66dd42051c5c53.jpg | 104.21.20.86 | 200 OK | 8.8 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2023/01/a9493c66dd42051c5c53.jpg IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 135x132, components 3
Hash: e9d5c0ccf9e6b264ad7cf99ff110b5f2 87a3ed7339ec487dbb2d9e1cf3311a87acfaea6d 808b3b60482612a5d6ff3142d0914e32ad568e8e34705ee35197e352a9027063
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/uploads/2023/01/a9493c66dd42051c5c53.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: image/jpeg
content-length: 8778
last-modified: Tue, 03 Jan 2023 12:25:26 GMT
etag: "63b41eb6-224a"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HoOv3mUS7h1czcex%2FEn6%2FFr5eRqDx9zwHCx%2Fk1s6LKvSC2yWSlQKD3BxqHPJQxkb0eRHK3HIQSbeHol1ZWyC9ArBZi4aGjGvAJXrRqLOw8BwwE22BFo%2FwhQ7ZsFO%2Fvzv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d08a7256a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/button-contact-vr/img/zalo.png | 104.21.20.86 | 200 OK | 4.0 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/button-contact-vr/img/zalo.png IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: PNG image data, 100 x 95, 8-bit colormap, non-interlaced
Hash: 5b983baae6dbf4b632e7a4694d4076b4 c7b1cafc2270a73ad31975be2c9a7fad38568d73 3a60f04d2c74a4eadad3c5bad7bd0a6d9e038f7725fd31ed03a0e93091362dd1
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/plugins/button-contact-vr/img/zalo.png HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: image/png
content-length: 3998
last-modified: Tue, 02 Apr 2024 17:00:54 GMT
etag: "660c39c6-f9e"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JWgS6HuoIo7cZmk2nG8IZQlyz8TP2DkD0aG11vYCWtah31RuxgG07EWi0vMpG4oI6NgU%2F4SGdCNVhZ8RbO1RQmm%2F0Yi8zy8JwB4gSSgJpdimsMvR0JY8FXw%2FcDYvphDG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d08a7956a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2022/11/65-1-510x339.jpg | 104.21.20.86 | 200 OK | 60 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2022/11/65-1-510x339.jpg IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=1246, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1876], baseline, precision 8, 510x339, components 3
Hash: 4e2111492e67b84b44f673f75601291b e88a23d51a04412e5c51f90a1a7d09c3e72cc2ba a01daf07a9e6f3b3a52d3cea0f2dbdc8b37ec52a5a0cff88046bc458c4b196ff
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/uploads/2022/11/65-1-510x339.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: image/jpeg
content-length: 60245
last-modified: Tue, 02 Apr 2024 17:18:33 GMT
etag: "660c3de9-eb55"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FX1u4PJmLdkWiRC%2Fuv7%2BBahuG564vJBDHVVEmTG2woz846OKipImCF4cXwyrocOGqQttrAOOrWePD32qqneELCni09%2B9W6zA4v2hPgEtWlB2LoklOnkZ59yfbMZneNYb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d08a7856a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2023/02/tera-350.jpg | 104.21.20.86 | 200 OK | 61 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2023/02/tera-350.jpg IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 470x314, components 3
Hash: 2c345aa722aa41a3b8e8e0b83017afe2 ab0faff0cb96e1edc47c5a80b2d6366461284971 254531b319fdafa5167bf4b3f25acf9de9006b5c51127906025b7ff120948a7e
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/uploads/2023/02/tera-350.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: image/jpeg
content-length: 61394
last-modified: Fri, 10 Feb 2023 02:47:26 GMT
etag: "63e5b03e-efd2"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkDbhg7vPGA6rocQzOwXWVIRibt89AoDC8WdJzkpi5YIyrWcRDtacw51rSpWy71pG97wlNOBvg5TUhaOz2UoMbom1ghV%2BYZXvefzhp9%2FbjA2wSRzN1ncoJ0ECHF0%2FGCW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d08a7656a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2024/03/banner1-1400x564.jpg | 104.21.20.86 | 200 OK | 118 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2024/03/banner1-1400x564.jpg IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=806, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 1400x564, components 3
Size: 118 kB (117642 bytes)
Hash: 02902e3853e1f6f2a552bd13ce5c5095 17aee9427448f605e0d3e06f9a7ac61e4d59ee58 35fcefeb4d84bfbf1809aadbcd20b614ebfc4c1a864e12cd21d526e17831a9b9
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/uploads/2024/03/banner1-1400x564.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: image/jpeg
content-length: 117642
last-modified: Mon, 11 Mar 2024 14:09:12 GMT
etag: "65ef1088-1cb8a"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSjp1oZOOts9zLskgby8aA%2Fn5hqjyntcuuAGL20nqEPn0ZQih9bjDpFeE9L91WRcmfNTliheYLBPgftRkeeac2wAwWWPo1NeFAOk3nAsvQtMO8BwJflDcFLbbahU8RDp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d08a7556a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.20.86 | 200 OK | 1.1 kB |
URL: GET HTTP/3 otoviethan.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: gzip compressed data, from Unix
Hash: 9fc4f9f1c7331ac978e9488fb88f7e37 c627fbcf425619d5d3f8fd3f2a134c11a476f5bf 12803a1d94dfb456f0fa4094e57f5f7d635c9014d162bd1609fcde97fb017c76
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhWZk%2FPCWRfEGrA5Cktk3OIZ3t3b46X6vkcyZ8sf%2FEZZ2uQDkrtS1mnDTvnCm7TF61O1fkAIPH5sBQ1rql97EmGISo0eVq5vO1FmRbMqKwK%2FeFfC92TycIH8yrvbfW4V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d08a7f56a4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 20 Apr 2024 05:54:00 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| otoviethan.vn/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.15.2 | 104.21.20.86 | 200 OK | 6.8 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.15.2 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: Web Open Font Format (Version 2), TrueType, length 6752, version 1.0
Hash: fea1aeac745dbd246870467857e90f02 b9f8ea8bd9d496f5706b306bc0e777b6a9906b27 343b461359461daad66cca6ae40315cd78bf58ebe79eca9af84596d3d873c209
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.15.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:01 GMT
content-type: font/woff2
content-length: 6752
last-modified: Tue, 21 Dec 2021 07:28:54 GMT
etag: "61c18236-1a60"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:01 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FhxHarXW2AUI4h%2FKoAke6Pb4UD2obMBM6W8hiIqsbClsjUZBEFbjUqhiwgmReBntdY5bq%2B%2FvlhLvAIaCs8J8Hoaoha2W6UZH6%2BEupv0ZzyErKz4GTz0abz0Qij0Ejr3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d52f5556a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 134783
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| otoviethan.vn/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.2 | 104.21.20.86 | 200 OK | 34 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.2 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 26f3004ce5ad4c94a8708deef0047ec4 26c42998d1215361dfe1c9599feba3437984c464 e5836a3b766e242fffac5181b1bf2a67c0775963334b656402a4480c57354fd4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: text/css
last-modified: Tue, 21 Dec 2021 07:28:52 GMT
vary: Accept-Encoding
etag: W/"61c18234-2b6f2"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8T5w6xyYI%2FXejxu5%2BHdXDjXGOXGnn457Kpc4ViHx7bs7LprIJ2CrU5BXE9Xj%2FgkXxUEsL3nEMUpZUnye8%2FjwZeg%2BsQOK1neFvFKIwndB%2Fz%2FwdSL5bF2Mjx5wQW3SA73q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a5a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 104.21.20.86 | 200 OK | 17 kB |
URL: GET HTTP/3 otoviethan.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (13479)
Hash: 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:43:52 GMT
vary: Accept-Encoding
etag: W/"660c35c8-3509"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRR1u2S8DSJIPbL%2FI4hnlBmjhmE1Ja6%2BddgSvk%2FgnCUqJSZACEcI%2B%2FIKJ4RFoTyuLfgJSGOwO5wZK5eaIqKBCe52IKIHXj1hdxJ%2Ba5T8ZkGiU3PjJ4Gad0I7Fg%2FYUPcM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a6456a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 | 104.21.20.86 | 200 OK | 15 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (11513), with no line terminators
Hash: efc27e253fae1b7b891fb5a40e687768 ad12044651ffac0badcd0e42f32edef91678b1ff 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:48:42 GMT
vary: Accept-Encoding
etag: W/"660c36ea-2cf9"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PothViGY6zGeMo%2F4qhobtFzYcgy4Rn%2BmaS7G9g7oqyrtwTj%2Bqe%2BkCNvmbHhOi8c9W9DmopcXLEuNREyeddxFelbrQ%2BkWnawuHg5NS0lyR96RyGUPP%2Bb0pSstN29hdmFq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d08a8256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 | 216.58.207.227 | 200 OK | 5.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 5604, version 1.0
Hash: 7cda2cfee99d697daf8c14819d9004eb 76f4002863493c93454a9f17424942f321287cba 0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:00:32 GMT
expires: Fri, 18 Apr 2025 03:00:32 GMT
cache-control: public, max-age=31536000
age: 10409
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| otoviethan.vn/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.15.2 | 104.21.20.86 | 200 OK | 6.3 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.15.2 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: Unicode text, UTF-8 text, with very long lines (23931), with no line terminators
Hash: 6dbccbd41131d6a67405dcadc41597e0 4778e5276589bc53b63636faa22dab60a3201cad b5a9fa19f05880957922dc092795eefb81810e62aeab3e4f60017adeb10b7e31
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.15.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: text/css
last-modified: Tue, 21 Dec 2021 07:28:52 GMT
vary: Accept-Encoding
etag: W/"61c18234-5d7e"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V4%2BE6c0s65rLMgH3FLkaLmD15kFuxWqevGQOcQ4ZqbJxwWKtxGBLBZ2EnvtcImnRlgRANTE9eAy5qwMJySOveSfFETgzHcyM0ATHJyHv4Beoj2x0MESyOAQ1YA7IzvNR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a5d56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.7.0 | 104.21.20.86 | 200 OK | 17 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.7.0 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (1509), with no line terminators
Hash: d135f91be7d973a9f688aae99ae5b86e 59c1a7ece70b5f3ded1cde917ac7991723964402 9d8a587ab4a60001f720cb0833192cccd56e583a8df7774c292acb907d6078fb
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/order-attribution.min.js?ver=8.7.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:49:28 GMT
vary: Accept-Encoding
etag: W/"660c3718-5e5"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bW0DFWyX5af2tjlrgWRVAjHXuHllLXBx88B5tR4YHjCCTbTDJpj0lyYerJeZWPRV19LT2ncSuy0IupxkjnzueQzvgaH4fnqo%2FBtJSMJVvxHayjgxXVK1sSPFzv9Qpeul"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d09a8b56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 | 104.21.20.86 | 200 OK | 8.1 kB |
URL: GET HTTP/3 otoviethan.vn/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (8171), with no line terminators
Hash: dda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:43:52 GMT
vary: Accept-Encoding
etag: W/"660c35c8-1feb"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrLHdTuDi05V95PeF%2F0%2BYJkIyuyFug0GLFH3aOW%2FDdVoaadVfmobX8Gv6Tw2V8pHEJnzarsVOZ%2B%2BHmryANNf22uKPlgExYVpwe9lHMr8Or%2BUZ7J%2BktNv%2BttvT4jdESsl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d09a9456a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 | 104.21.20.86 | 200 OK | 5.7 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (13054), with no line terminators
Hash: 917602d642f84a211838f0c1757c4dc1 392df3fb4b0ec96ce4ebb5616e6b2a5c55a54bf8 d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:48:42 GMT
vary: Accept-Encoding
etag: W/"660c36ea-32fe"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dlyDcPTxk7hLBTnogG6AfP%2BlG42N9Pm3Egxrvw1zCwr%2FLGl%2B836NTr1QxaLnLFKkSbSdjfX%2FXKzkzkq1NYbLcohrz29kTlLHmVqHo%2FWKMMqpXw3h55KTnepyn%2FpXtrXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d09a8556a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2022/11/1-1-510x339.jpg | 104.21.20.86 | 200 OK | 60 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2022/11/1-1-510x339.jpg | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 95x95, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:11:26 13:51:03], baseline, precision 8, 510x339, components 3
Hash: e591b75bed9e5ff4147dfc42db924ecf 6d10b225043f1678343e78772947bd2be64aae51 36dce1d69bc738ac653cf69af04b802e97d44843565dffb29f42fb70655a5e88
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2022/11/1-1-510x339.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:01 GMT
content-type: image/jpeg
content-length: 60157
last-modified: Tue, 02 Apr 2024 17:18:57 GMT
etag: "660c3e01-eafd"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:01 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YT92VVKdugiQXExByKc0ofQLdlFJG6tsx1ULPeO7cA7TbtnQE4sd4V5qvSVPQ8vuQgSm2kiWnI14PDgaSmxvs8J7SuZGMrAzkE4eEQ9vJV7WZ3ITNmSfK5ngl74lc9Qs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d6d90656a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2022/07/teraV-510x341.jpg | 104.21.20.86 | 200 OK | 65 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2022/07/teraV-510x341.jpg | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 510x341, components 3
Hash: 697e0d2b1282024d7a5f30fcc5278aec acae79595bbe620c4ab54654ad69cd42e2052dba 67d2d37c40f2888b2cd9bbe2faf8928dfd2876fa6be127742ed81310a09bb43e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2022/07/teraV-510x341.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:01 GMT
content-type: image/jpeg
content-length: 64656
last-modified: Tue, 02 Apr 2024 17:19:29 GMT
etag: "660c3e21-fc90"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:01 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIclVq3x0ylSQY9Waj4Uq2cXmT2s64gf2zZGvp69YkbaHEblgPUyqvYE8x0%2FeVBjJsVoh8Si3t233bwQU717XnFPUeb%2B7NCEklCKQYwNdxiCcaGYHdQO9aKrXdTG%2F6mO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d6d90456a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2022/11/xe-tai-tera-100-510x340.jpg | 104.21.20.86 | 200 OK | 68 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2022/11/xe-tai-tera-100-510x340.jpg | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 510x340, components 3
Hash: 0ee6892e2f61cdc7bad2baf1dfffabbd 93cdd089adee2115d1634bed2d844c4a570847a0 02ef1c4175c894ccf81482cf57b6920decaa1625301601809a3391830a4efb71
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2022/11/xe-tai-tera-100-510x340.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:01 GMT
content-type: image/jpeg
content-length: 68289
last-modified: Tue, 02 Apr 2024 17:17:44 GMT
etag: "660c3db8-10ac1"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:01 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuH8fyIDmtY4Hr6x6L8TK6mcIuwREzqnM86QKcnF7nVf6kz0eb5ftbifhK3vqUxyqxjnbhpUBg0gk%2ByQZMGmW%2FvEXe9VdQcawL7QW9ePGbNendLB3HG6wakB24OeTDZs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d6d90756a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | 216.58.207.227 | 200 OK | 9.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 | IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9628, version 1.0
Hash: d9ac47c7e500fb7083b8d595eaf6fe12 112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:14:20 GMT
expires: Wed, 16 Apr 2025 07:14:20 GMT
cache-control: public, max-age=31536000
age: 167981
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 | 216.58.207.227 | 200 OK | 9.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 | IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 9840, version 1.0
Hash: 7b08b9e11fc6b8a8a1398b357e874144 4b5fb5790fae1c96655aaa7a426b697f5ab986d0 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:00:19 GMT
expires: Wed, 16 Apr 2025 00:00:19 GMT
cache-control: public, max-age=31536000
age: 194022
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=vi&callback=onApiLoad | 142.250.74.106 | 200 OK | 68 kB |
URL: GET HTTP/3 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=vi&callback=onApiLoad | IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E | Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (10147)
Hash: ee899427dbd2bf4c1613a2a736b36f25 983d69abafeefe6410f8966c53e383d217218545 90e1b1d54cfd174d2e5172c6b4af8e4f08cd914b15b2d6456d7a73a70811c8f0
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=weekly&loading=async&language=vi&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
cache-control: public, max-age=1800
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 18 Apr 2024 05:54:01 GMT
server: scaffolding on HTTPServer2
content-length: 67770
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| otoviethan.vn/wp-content/themes/oto-viet-han/style.css?ver=3.0 | 104.21.20.86 | 200 OK | 9.0 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/oto-viet-han/style.css?ver=3.0 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
Hash: b9038463eb7c3c47c8e169305a64c6e1 cefc2cf31ddf09fbfba8ef4fae7c61566c719d96 0bc5a67466e37a36b06778a78b3f7f96c03e9baa539b38b696ef2c6178459739
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/oto-viet-han/style.css?ver=3.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: text/css
last-modified: Tue, 02 Apr 2024 16:48:24 GMT
vary: Accept-Encoding
etag: W/"660c36d8-12d"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3c6XsctTmgg7kDIrhqxX%2BzzNVD82MyTHSk1k7JKp7Q7AnyubE46mfaxXAiTvnHDoKI3gnfZDoYK9FqcVofmD5UB57b6AmMNTW5g2rOWzWwKAjgXt%2FE%2FQDamT5taUN6F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a6156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/uploads/2023/01/a9493c66dd42051c5c53-100x100.jpg | 104.21.20.86 | 200 OK | 4.5 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2023/01/a9493c66dd42051c5c53-100x100.jpg | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 100x100, components 3
Hash: 0e62d65d6eb38e703a10c8a4be6453bc dc990a7df30f757acdddcf397ca3209e9f6cebc2 d8fa7763f9b4dead595f990409d0afbca7cb92492c69d9563be9d976ef9302ff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2023/01/a9493c66dd42051c5c53-100x100.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:01 GMT
content-type: image/jpeg
content-length: 4496
last-modified: Tue, 02 Apr 2024 17:18:08 GMT
etag: "660c3dd0-1190"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Thu, 17 Apr 2025 19:43:59 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: HIT
age: 36602
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sicQDXFM6VBJwwl505NY1nVVKoCEjuNRMStr1pCewl2S7A5JZQqqllJecGWkFLoB3YpBexoZjZx7h9cWMBj7uvPSHFdV9WadV1Eu56ie5YyA9%2B%2FEkVKFTMRZdlskdzfm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265d89af956a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| maps.gstatic.com/maps-api-v3/embed/js/56/8/intl/vi_ALL/init_embed.js | 142.250.74.3 | 200 OK | 62 kB |
URL: GET HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/56/8/intl/vi_ALL/init_embed.js | IP: 142.250.74.3:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: JavaScript source, ASCII text, with very long lines (3255)
Hash: e35fb3cbcc4cee734b1a5924a22a0209 92f7d8e42ae7bd55792300c93676d822057e3377 8da95561db16c1b15b5f8c50313a97eea8131e23c6a8e56fe9441ed0cbd06a5d
GET /maps-api-v3/embed/js/56/8/intl/vi_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61868
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:35:35 GMT
expires: Thu, 17 Apr 2025 17:35:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 17:51:51 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 44306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true | 142.250.74.106 | 200 OK | 23 B |
URL: GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true | IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E | Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: 8a80554c91d9fca8acb82f023de02f11 5f36b2ea290645ee34d943220a14b54ee5ea5be5 ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 18 Apr 2024 05:54:01 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/common.js | 142.250.74.106 | 200 OK | 57 kB |
URL: GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/common.js | IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E | Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (6747)
Hash: b545db17acffae132d0ae1153db32fd3 8358d1db7efe70a0fb16802ccb1721ee5a182f18 04a819593c60170fa8f8260f7f5fdc450a6ba161622f3293bc83edee67e48d0a
GET /maps-api-v3/api/js/56/8/intl/vi_ALL/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57425
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:33:08 GMT
expires: Thu, 17 Apr 2025 17:33:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 44453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/util.js | 142.250.74.106 | 200 OK | 57 kB |
URL: GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/util.js | IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E | Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (562)
Hash: 76be9fcc4ad63e3bf781b704c72adee1 4610afd447beb728febe233b730693fbc9e64bef 0b6f9b7928ae89d1c4f520119fba46f0d71532f733ab35ceb2d16bc6b4afc9c3
GET /maps-api-v3/api/js/56/8/intl/vi_ALL/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:33:08 GMT
expires: Thu, 17 Apr 2025 17:33:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 44453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/map.js | 142.250.74.106 | 200 OK | 24 kB |
URL: GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/map.js
IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (2397)
Hash: f3ad8c5e14b7bee8a0e560e90164bbdc 801a202c085e79b9ac17be04e1c4e283afb180c1 dd494a09b8b59161081b82d60adeb6d10a66d60073e5eb4e8a225a7c3f05ded4
GET /maps-api-v3/api/js/56/8/intl/vi_ALL/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 24202
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 04:12:00 GMT
expires: Thu, 17 Apr 2025 04:12:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 92521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| | 104.21.20.86 | 200 OK | 57 kB |
URL: User Request GET HTTP/2
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (8835)
Hash: 987db11660d10d5631600c3eacd734cd ff8cbd44fc2add4d354c6326d5fdb68100f05626 44f2e7c40767d1e2391a7c2b0bebb91a35c99e687da2ab4fbdfdf5cb1928debf
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET / HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://otoviethan.vn/wp-json/>; rel="https://api.w.org/", <https://otoviethan.vn/wp-json/wp/v2/pages/821>; rel="alternate"; type="application/json", <https://otoviethan.vn/>; rel=shortlink
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HtSUPoK%2BWtffkryycTSiXtl%2BeE%2BUJty46DTBjSAij4cZhjEiZYQLS3uxnScUUPm%2FO25N0qriljnGx3woiGiw4i2fKpvcb0RNAeRN3h6LUzm8TtZyDNe0B%2B0KmD5GXh2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265c01bb4b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/onion.js | 142.250.74.106 | 200 OK | 9.3 kB |
URL: GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/onion.js
IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (2924)
Hash: 67aeab8353df20d7f7e186facf61dae5 f7a60137b5c28b9fd4a87c6fa94972c2f86db123 bb0405b5332b914fb836daf0d8c0e39f66e2ae654447050a69bbbd5f7458cfaf
GET /maps-api-v3/api/js/56/8/intl/vi_ALL/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 9253
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:33:08 GMT
expires: Thu, 17 Apr 2025 17:33:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 44453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/overlay.js | 142.250.74.106 | 200 OK | 1.3 kB |
URL: GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/overlay.js
IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (1205)
Hash: e6e80bdce424a4e1058e6d44cd4a856d 6501045303f01c7e01126ebf96c462fd14c26b1d 8d1b3320098835a8d454e7c21651f4302ddc00f5c1b15c6e2615fcfdd41e7b6c
GET /maps-api-v3/api/js/56/8/intl/vi_ALL/overlay.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1289
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:33:08 GMT
expires: Thu, 17 Apr 2025 17:33:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 44453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i3334233&2i1843389&2e1&3u14&4m2&1u387&2u300&5m5&1e0&5svi&6sus&10b1&12b1&client=google-maps-embed&token=5732 | 142.250.74.106 | 200 OK | 38 kB |
URL: GET HTTP/3 maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i3334233&2i1843389&2e1&3u14&4m2&1u387&2u300&5m5&1e0&5svi&6sus&10b1&12b1&client=google-maps-embed&token=5732
IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: PNG image data, 387 x 300, 8-bit colormap, non-interlaced
Hash: 94aea5e2332c47940a3cfd52add5dd19 0dabd02a5677ba58b07dd9de9469058618935e13 2316686515e70289c9908033c4f98d98fbd57e7eb09fd427ac8cab7d0d917dd1
GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i3334233&2i1843389&2e1&3u14&4m2&1u387&2u300&5m5&1e0&5svi&6sus&10b1&12b1&client=google-maps-embed&token=5732 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
date: Thu, 18 Apr 2024 05:54:02 GMT
expires: Fri, 19 Apr 2024 05:54:02 GMT
cache-control: public, max-age=86400
server: scaffolding on HTTPServer2
content-length: 37913
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| otoviethan.vn/wp-content/uploads/2024/03/banner3-1400x564.jpg | 104.21.20.86 | 200 OK | 118 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2024/03/banner3-1400x564.jpg
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=806, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 1400x564, components 3
Size: 118 kB (117582 bytes)
Hash: 50b00e83e2898d55fda4f681d60baf1a c0231519e20f5073076e227fdbc8432d895fe3b4 ddb34a8c9782d9bf6939bdec1a5ad38692232475c1307b7ffb7cbc3d30a2b728
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/uploads/2024/03/banner3-1400x564.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:07 GMT
content-type: image/jpeg
content-length: 117582
last-modified: Mon, 11 Mar 2024 14:08:52 GMT
etag: "65ef1074-1cb4e"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:07 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhQ%2FT1TUNdHiJGgdyw4PfgX1fLyP4juE3jcokMzp0H%2BVT8kvEh9wch9gWyxnGTSBHRSuf5UVjTF2ibAkBv0xUkJTMRp9yCEcvDf4mOSNAnrNG6zf%2Fn0pEvfv0ITJ6AS2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876265fe6da356a4-OSL
alt-svc: h3=":443"; ma=86400
| otoviethan.vn/wp-content/uploads/2024/03/banner2-1400x564.jpg | 104.21.20.86 | 200 OK | 122 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/uploads/2024/03/banner2-1400x564.jpg
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=806, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=2000], baseline, precision 8, 1400x564, components 3
Size: 122 kB (122429 bytes)
Hash: 9ef79579892e1d4b7c41085a7fa390e4 22479103eaabf05bd5edbe5f2205846b5838d9cc cc65382a6b2651bc56cbeea3f5fbc5759789af7840b10984b39247ee9f191696
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/uploads/2024/03/banner2-1400x564.jpg HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:13 GMT
content-type: image/jpeg
content-length: 122429
last-modified: Mon, 11 Mar 2024 14:08:50 GMT
etag: "65ef1072-1de3d"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8vOTeNskET7NiOFb5vMCMxii%2FB%2B6tNdfJ5Rcy4BPx2kFG2sTw85LqF8%2Fsc0%2BxtkOtSF4CFuPxQ7ZIv9J1wqk5WTPU9X3Ulcl83wvWHKWfSOt4Gqe4VvHuJqHYBZ8UWKZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87626623ff6d56a4-OSL
alt-svc: h3=":443"; ma=86400
| fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 | 142.250.74.106 | 200 OK | 6.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP: 142.250.74.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (6106), with no line terminators
Hash: 35e2e38dbc79b36a23fe80e4db6e6d34 be62517c33b600ab439d4ec9c4204c88884470f6 8ea868939bcbbec5e51a195ca36281c88f2aeb1f574e9e863eb8a1e42ebd8537
GET /css?family=Roboto%3Aregular%2C500%2Cregular%2C500%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://otoviethan.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 05:54:01 GMT
date: Thu, 18 Apr 2024 05:54:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| otoviethan.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 | 104.21.20.86 | 200 OK | 2.9 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: ASCII text, with very long lines (3172), with no line terminators
Hash: 4ff394b4fc55e546c2457e1a49a044fa 0f3fe404c0821a795cb73aa6bb5c062d52af7e68 4858dafdb763b5027e97ca50c5747329e16d4c19ecc575aff7454335e71cba33
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: text/css
last-modified: Tue, 02 Apr 2024 16:48:42 GMT
vary: Accept-Encoding
etag: W/"660c36ea-b4e"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O312ObFlKUkKqXnNjxrv2GgNEWDmgRRzhwhr0Lmvb5QqYlJP4FwtGuabqW3J3Ett28rQAkMB9qBUuqv54L7FwWSO24JLiDHLSz1t5IJynnJdBqBwM%2ByqfNv6Ah67MwW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a5156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| otoviethan.vn/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.31.0 | 104.21.20.86 | 200 OK | 25 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.31.0
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (25294), with no line terminators
Hash: 32f353893906d18e1fc351066e4b263a c8ed65fffa387077fe4ba700b7913bbb59f90436 80d7254b4e01cf17bf56254fc3698a81ce127553bc9eac47ef24b9e2a94cad8f
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.31.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:50:12 GMT
vary: Accept-Encoding
etag: W/"660c3744-62ce"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfmqSxPSNwdRgBo5bMjjMmvOm2FQ%2FrM5sYMeaRAPNmtm%2FVxZDJi2cQiDgYLp%2FP47gHy2s8885RJ4jqZx83eGux5Npu1yfkXBa4pBUEphXXJtFfXEVfmzO3e8kTFTrc9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0bab856a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| otoviethan.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 104.21.20.86 | 200 OK | 39 kB |
URL: GET HTTP/3 otoviethan.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 21:11:54 GMT
vary: Accept-Encoding
etag: W/"660c749a-96be"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dT1lU7I4gzmN6kcoZ2qSRPMa%2F8%2Bl8Gxwq9AR3n%2FF5%2F0dyHSoYexApOKBF45YMSSa3oI1KliRGI4r4mTFFsiOedgZAL1KxSgzdZ6eEJ6UbZj7FQOedRkzahTisSeECTV%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0aa9a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| otoviethan.vn/wp-includes/js/wp-emoji-release.min.js?ver=4a427a9ef64ced75b8db76f38e13647f | 104.21.20.86 | 200 OK | 19 kB |
URL: GET HTTP/3 otoviethan.vn/wp-includes/js/wp-emoji-release.min.js?ver=4a427a9ef64ced75b8db76f38e13647f
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (15752)
Hash: b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=4a427a9ef64ced75b8db76f38e13647f HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 21:11:54 GMT
vary: Accept-Encoding
etag: W/"660c749a-4926"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:01 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rR8lBF1Iw83HH7zoFu1MsTciQVaka2BsUrj5zmYBxr2%2Bba%2FT5zbC9XV886MJmzanzaYgRvNiOI4FOBkuCyYWAuC3Fee0CYbbAjKqtGwG58o8LJ4bAhdhtTNODDrIJoLx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d6d90956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| otoviethan.vn/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.7.0 | 104.21.20.86 | 200 OK | 14 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.7.0
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (14500), with no line terminators
Hash: af44f82a13e50f4ab09a194247ac71bc e1c921fa718e918e70a25cd278a9ff5b8be9c2bf 881f4e9fde0d4d4bdcf1eae9fd2d68378c5203969e6ceedf59b4e29567f238a9
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/sourcebuster/sourcebuster.min.js?ver=8.7.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:49:28 GMT
vary: Accept-Encoding
etag: W/"660c3718-38a4"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyMfjuGrGMZAP0tvwWAh8eHVaqOSOF6GqoiLSKHXejSjmM6gwCDERPK51P4%2BeZmA8vu4qGLx6VFenI3eBHkyfW10rq%2FULqw4a5XmCYDGLav5w4eIE0vCMa3kQB7SWJ6A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d09a8956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| otoviethan.vn/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2 | 104.21.20.86 | 200 OK | 2.0 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2
IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (2061), with no line terminators
Hash: e5cf45d968d4550b8a20f364041e1cb6 b3931206ceac95dfe05c0c9c53e6b16f6344d155 efd406c11b8a9a5828fec1a4c61d1fb4e9e8f4d9b9f36c666f1e234f653b1c40
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.js?ver=3.10.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 21 Dec 2021 07:28:54 GMT
vary: Accept-Encoding
etag: W/"61c18236-7c5"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAqs876ZOTiA7g4%2FFY8K9ZP34IXgy1%2BE6ujqS3z1zJ0mXN0yH6hORk5AWes4%2BrGR6ZlA3jxUr12lFhKv99DOCizfTOvsLHpLQqq6%2FqllXvbTop692M7fL%2BA2%2FNG1bi5k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0aaa356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/search_impl.js | 142.250.74.106 | 200 OK | 3.3 kB |
URL: GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/56/8/intl/vi_ALL/search_impl.js | IP: 142.250.74.106:443
Requested by: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s
Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E | Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (3432), with no line terminators | Hash: d6e6129e41020cb6b72b1c97eab97d45 535445d4b29041a09f662ba4213cfff8aaa5e6fb 0654e1d68ad436088e79b27e73d0a735d7c322b1046e9dd945fb5859ff453ad8
GET /maps-api-v3/api/js/56/8/intl/vi_ALL/search_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1265
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:35:21 GMT
expires: Thu, 17 Apr 2025 17:35:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 44320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| otoviethan.vn/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.2 | 104.21.20.86 | 200 OK | 16 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.2 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (12801) | Hash: 28c3a79b698984aeea534457071a9fb2 ee62a28760e7263f10307a988b244f1f0237601a e3d3660aee33ed4ad14e6dadf15503bf26d877be610ff8c69db18653cc8b8915
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 21 Dec 2021 07:28:54 GMT
vary: Accept-Encoding
etag: W/"61c18236-3e58"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMuWKRBJmGPjnpYlRd0xTiZl98wxtx1EfE88bPSwLIX%2F8ARCdIBw7HFaBrdX2DMu26dAQT5Pj%2B7vFBPTNTR7zV7VGzONmPTnwKUns4TZ6J1Ix%2BNV7hefVZo290lBouZx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0aaa956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 | 104.21.20.86 | 200 OK | 15 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:50:12 GMT
vary: Accept-Encoding
etag: W/"660c3744-3a4f"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oU%2F5BKfCPyEEpd6lhAcptTnWGugH%2BvwVx06YoMu%2BcJh%2BadnhHGUzfUC2tRQATLtbsqGutBJE7SgEvCyKsLJtG%2BHw5sILVX0E2adU5DxTS45yc934%2FM3YRCi%2FydJEAAww"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0bab456a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 216.58.207.227 | 200 OK | 5.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 5560, version 1.0 | Hash: ca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:45:32 GMT
expires: Fri, 18 Apr 2025 02:45:32 GMT
cache-control: public, max-age=31536000
age: 11309
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s | 142.250.74.164 | 200 OK | 3.8 kB |
URL: GET HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s | IP: 142.250.74.164:443
Certificate: Issuer: Google Trust Services LLC | Subject: www.google.com | Fingerprint: CC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 | Validity: Mon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (3746), with no line terminators | Hash: ad677f65ce3ab17cb258c2f7470e36b7 71d31b4d389f45e677139868574933b5129c1e26 68b1842c82d7ce5ac0da7e9a182ea4af53e5a9862c6b0289ac362247802a9c80
GET /maps/embed?pb=!1m18!1m12!1m3!1d12505.86705163825!2d106.20293258493655!3d21.270813680831857!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x31356da575064d57%3A0x11476410dc6b9181!2zw5QgdMO0IFZp4buHdCBIw6BuIELhuq9jIEdpYW5n!5e0!3m2!1svi!2s!4v1675413868431!5m2!1svi!2s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://otoviethan.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-kqIzW_UzwT8v9km6WTg1hg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
pragma: no-cache
x-robots-tag: noindex,nofollow
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 18 Apr 2024 05:54:01 GMT
server: scaffolding on HTTPServer2
content-length: 1513
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| otoviethan.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2 | 104.21.20.86 | 200 OK | 1.5 kB |
URL: GET HTTP/3 otoviethan.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (1528), with no line terminators | Hash: 05dfab5ea94e431b975302359420e027 6fedd8876d4dd468783359ca3bc4882748dde111 d05f197f608d0f4f0eab7000e11622a7dfbb913b7aee1a1352496fa1fcfc5789
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:43:52 GMT
vary: Accept-Encoding
etag: W/"660c35c8-5db"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99LrTgtt4LLaFni1b57m8vx3KX5cMNZ%2BnqZiQY4puT9C86DNxVkiuuFivb3vIdmYjCZr%2F892RjPb6m7X69W%2F%2Fw84YsQmhugmCuBBCk19SqQB0TyFFfqmU094B3IpFkxh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0aa9d56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 | 216.58.207.227 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 | IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11800, version 1.0 | Hash: e36fccd06262bef92e7a9841e2202225 b907dd02819497b3942220e0aa160c167195506b 7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:25:08 GMT
expires: Fri, 11 Apr 2025 17:25:08 GMT
cache-control: public, max-age=31536000
age: 563333
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| otoviethan.vn/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2 | 104.21.20.86 | 200 OK | 3.9 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: Unicode text, UTF-8 text, with very long lines (4161), with no line terminators | Hash: 2f8761cd8dcb59abdebe1177c19cbb6d b35080918b5defdbe4b30287f0169e5500eb4a0c a4dde648c585e4608d76f4d4278a74f47d499e60d48bb25c0624922a4f31c8b5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/themes/flatsome/inc/integrations/wc-yith-wishlist/wishlist.css?ver=3.10.2 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: text/css
last-modified: Tue, 21 Dec 2021 07:28:54 GMT
vary: Accept-Encoding
etag: W/"61c18236-f67"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egsYMGdB0qFehxh4fzfsrJUABYhz7tYOuDToH%2B2ICZ%2BcMkEU8L%2BtzATiB2hSquzxOivhkqSWtauv%2BQ5Sn3ANs7SNZW3so2Es0o9HxN%2FgRjNMmTg0%2B6chak8WRWQ8ffhO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a5856a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.7.0 | 104.21.20.86 | 200 OK | 3.1 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.7.0 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (3148), with no line terminators | Hash: d17c62bad956b4371f4d678f026c31b9 85b7da96dbdb12f047cc91dfe66d38bb431ef148 e795a33b7abd1b98fbc77e1932ca8bc8ce87ad44628d5f9255cd739e1992673e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.7.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:49:28 GMT
vary: Accept-Encoding
etag: W/"660c3718-bf2"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGJRgB6F3pjLCs1aKZrn1HAQm7%2BvTLHohnS7s1MCd6iRXKEIGGeosCXyPgPIeeyLXmsI3JLLet1aCMH8lQUjcxLpQBudcqNIVRPkwCIAIiLa%2F5p0TWRPg2Hm%2FDRCuGPT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d08a6c56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 | 104.21.20.86 | 200 OK | 6.6 kB |
URL: GET HTTP/3 otoviethan.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (6799), with no line terminators | Hash: ccaa7ba23a1f74bc12d091b65b515c4f 26b795b942f321ee8237178a1fcc16f1cee5a99e daceae61a869247d42436998814874e2698dc5f4789c65cd9bad98da52276db1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:43:52 GMT
vary: Accept-Encoding
etag: W/"660c35c8-19e1"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CmzewH%2FrojrttlsrJ4tZOIRYmszSlX7sGcBlv%2F7NU%2BKpuQaIr8l3ZaibsdNVBFNe0Jnv5EKcWr4%2FjA1dGJ0K1%2BKrotGntLXhP0KrvhM1rZ1W6M%2F%2F9vCzEAo%2Bl4V%2Fk4PN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d09a9756a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=ddce2c6d3f3a93afe1db0d523049c446 | 104.21.20.86 | 200 OK | 55 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=ddce2c6d3f3a93afe1db0d523049c446 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (54970), with no line terminators | Hash: d1685b21b954595e327d21f986437340 f517238618f444f989ab950022401bd19e830fbe 84bbb3932cb66734008368e7a24aa85a0b4cd4b90becfb01c0717d3abbf9778e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=ddce2c6d3f3a93afe1db0d523049c446 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 21 Dec 2021 07:28:52 GMT
vary: Accept-Encoding
etag: W/"61c18234-d6ba"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpSWUtLSKdHhILewieSRLj3uj9gnh9zdu0hgSKwJNHShKYEtA39joiYJMC1QvF1WcV7edUp76sB5M4A%2B4Cbk%2B3vabpruzvj3LJGPs75PeZM3Pvsdwi%2FSoboE5Iqy4IkF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0aaa156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 | 104.21.20.86 | 200 OK | 22 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: HTML document, ASCII text, with very long lines (21612), with no line terminators | Hash: 62331b455760a3d587436a5aefd3ac55 a2e9dad245b08b6d5a02defbae14b15b3bb95ade f0bc0f5d0d025d1b2686d9a47780934a4e747b5f0d2e067ff64f40bae2f7d0cf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:49:28 GMT
vary: Accept-Encoding
etag: W/"660c3718-546c"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RScucOSwuJB%2FcAS5TL17f%2BfUcBHpQD5GBqExVesR7uhn0g%2Bq%2BNctV8QUvJ1DO2%2F9b1UxucI6HvZ%2F9SfvqtkQNR7VeTfMUzC81oiFpvo5vOj2kf4spICZUDANyNFx%2BRe0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0bab656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js | 104.21.20.86 | 200 OK | 50 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (49648), with no line terminators | Hash: 605fc409bf1ea2cc85851c1b6c9ded53 bff6d8038c726160a19474eedee51bdd6a288a05 7ff4c36da2ced48cc30fc8512ca858e878af31a753b0317e8484792992f32b12
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Cookie: sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-18%2005%3A54%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fotoviethan.vn%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fotoviethan.vn%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 21 Dec 2021 07:28:52 GMT
vary: Accept-Encoding
etag: W/"61c18234-c1f0"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:01 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQgXPApPRnpJapNqJD2HmHczWzmQTMny3pe3I6FwvErnBBOrpEUCZY1sLHnuvjzCYOJt59fK0EzMeeQzB6sdxJ6ZqiQYXt8fk60OMi5YUCocvrNOtbHvoztDH7EluRl2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d7fa4c56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/button-contact-vr/css/style.css?ver=4a427a9ef64ced75b8db76f38e13647f | 104.21.20.86 | 200 OK | 6.6 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/button-contact-vr/css/style.css?ver=4a427a9ef64ced75b8db76f38e13647f | IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt | Subject: otoviethan.vn | Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A | Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: ASCII text, with very long lines (6605), with no line terminators | Hash: 00461203661364af56909ad0361ca229 20e7ef63744d08e20420f45d9f93b0b4ea9d9381 fc671fc88044969ee653b0d6165b54c7bc3f76024654be08d85d061eb5567fd8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/button-contact-vr/css/style.css?ver=4a427a9ef64ced75b8db76f38e13647f HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: text/css
last-modified: Tue, 02 Apr 2024 17:00:54 GMT
vary: Accept-Encoding
etag: W/"660c39c6-19c5"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2BrzQ6RIgBWBmOq0DMzgiU1fNh0kHGlE9zBR%2BatyR0q5y2g0HELb79bzDhw7ZjLc0KTNNk6BVaO1PYsEDHHStCEKFdMJgNj%2BWxCYkfLgKGGL51UuIrRbo6gykTiLWyLp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a5456a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.7.0 | 104.21.20.86 | 200 OK | 2.1 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.7.0 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (2257), with no line terminators; Hash: 846a24981bff9217c95389e6dc346313 e03631b8e1438e09c8d7876ab20b0d69d0c4d819 29327d5b926dcc7de82c087f261b00355dce3492f0b9721887819b5f54cf8486
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.7.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:49:28 GMT
vary: Accept-Encoding
etag: W/"660c3718-85b"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQ1vKmAN0UVowiS3vIjkZfSKGH8Hc2%2FK8abdPjlPXGxH6JFWWJQ4s%2F0zJuVHMLu7b8dabWQC4w8OnMVsgad1Tj%2B9PJQxj9tblpvSRU5xcqaA5OdRcPjiO%2BwIKXfg5RoD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d08a7056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=bdd6f8ae659698ad382b4c523700f856 | 104.21.20.86 | 200 OK | 18 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=bdd6f8ae659698ad382b4c523700f856 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (18356), with no line terminators; Hash: 2cba1594f245ed6e19704352bb8b4bef b551d565dbf7b6fa571cae32571f725d4283a32b 4359f683c10aaa281aa869d6e2cb3f983f11e265d22c5aa8160ca9246417a7ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/themes/flatsome/assets/js/woocommerce.js?ver=bdd6f8ae659698ad382b4c523700f856 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 21 Dec 2021 07:28:52 GMT
vary: Accept-Encoding
etag: W/"61c18234-47b4"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxEKlrV7hhHzR5V3BDuu0SsAEB9pxdmI9w4Y9vON5sXmvuP1mO4IlglQswMkU1jsXWl2ut9HaG59O3POvScYfeIT29564w3TiFsDo0Eb8UmJ79qdLI01H5aABs4Rzh32"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d0baad56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0; Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:56 GMT
expires: Fri, 11 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 577985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| otoviethan.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.7.0 | 104.21.20.86 | 200 OK | 9.6 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.7.0 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (9963), with no line terminators; Hash: 7ed2c573e85b2b4e5fb8b4131e95e469 140691f29cb181849892640d1b237fa6a4e5beae a637f7d3e1ca8aeb1d7d4499419916cca6c18a2b625a616f6950f2b978a91ba6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.7.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:49:28 GMT
vary: Accept-Encoding
etag: W/"660c3718-25a4"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z79n0fkgWDbEvq0kTlow96BiEe47gEspON1hgyiA%2F5hypvDpEFj%2BbUbJoU%2Ftu9o8RoxNOi7nj%2FhA0JznePR2A2Se12LGTHaUPkY33S3uEgTY9aagf8Qi3GazLSfpjwI6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a6956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 216.58.207.227 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11872, version 1.0; Hash: 87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otoviethan.vn
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 01:10:05 GMT
expires: Tue, 15 Apr 2025 01:10:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
age: 276236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| otoviethan.vn/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 104.21.20.86 | 200 OK | 88 kB |
URL: GET HTTP/3 otoviethan.vn/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:43:52 GMT
vary: Accept-Encoding
etag: W/"660c35c8-15601"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqUHzYIs8DnRofx%2BUJ34Dtc2LThjCtQiuy3tm%2BLBC3kbowyjxNVo0iuCSSp0LeuEc2ojryjOXQqgdN0NJh1IvYPSNQ3LOUkQjXhAQPvaZ085915Df6p83zm7lAb77MET"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d07a6356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| otoviethan.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.7.0 | 104.21.20.86 | 200 OK | 1.7 kB |
URL: GET HTTP/3 otoviethan.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.7.0 IP: 104.21.20.86:443
Certificate: Issuer: Let's Encrypt; Subject: otoviethan.vn; Fingerprint: 45:20:20:C8:E9:37:3E:E2:10:A9:C6:FE:6D:73:68:4D:D5:49:AB:1A; Validity: Tue, 02 Apr 2024 01:28:38 GMT - Mon, 01 Jul 2024 01:28:37 GMT
File type: JavaScript source, ASCII text, with very long lines (1759), with no line terminators; Hash: 40fb244b78cdf7946fec16564a2bdc9a e80ebc14cdb2cf0a3625116ddb770da57bbbd506 76c56d908e9de1877fbe3f7bc1c90656c07bc7b9a69b2bde9f950456d37cbb9d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.7.0 HTTP/1.1
Host: otoviethan.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://otoviethan.vn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Apr 2024 16:49:28 GMT
vary: Accept-Encoding
etag: W/"660c3718-6b8"
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
referrer-policy: no-referrer-when-downgrade
expires: Fri, 18 Apr 2025 05:54:00 GMT
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHnAOQn%2B0uSyzpdeO6QMwxwWJ5%2FrvYKZ3dY3cDTPbrDAf0QNgGpaCg%2BDBrJZOvxb8rMAr0mETm8LPshJ%2B8OwMTMUq8eNnGAIRsCCEogT%2F0Z5KX5Bgc7EmnJESOWTvwpz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876265d08a6e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|