r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8000
Expires: Wed, 23 Nov 2022 14:18:27 GMT
Date: Wed, 23 Nov 2022 12:05:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6576
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:07 GMT
Last-Modified: Wed, 23 Nov 2022 10:15:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
gshock-vietnam.vn/
112.78.1.97 301 Moved Permanently 162 B IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 12:05:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://gshock-vietnam.vn/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4069
Expires: Wed, 23 Nov 2022 13:12:56 GMT
Date: Wed, 23 Nov 2022 12:05:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 11:17:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2880
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3WE7w6PeVvPAavAM4fdH6hvDGhbH1puRAIdcjWTq70c8jUUk986Qg+fSlxfFNAxaBA5ogI0P2kg=
x-amz-request-id: 4J3Z1WY4HHA1Y2XJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 11:39:59 GMT
age: 1508
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5f7769fa65543e3f0f03f2c87fe90cbd
52bca9d76ed221729dccc39af7e7e0a368680ae4
d9fa0b76ed106090928bbbe4f7b3a7da268eb45029a59ee8709a1de2077d3f1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9FA0B76ED106090928BBBE4F7B3A7DA268EB45029A59EE8709A1DE2077D3F1D"
Last-Modified: Mon, 21 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 23 Nov 2022 18:05:08 GMT
Date: Wed, 23 Nov 2022 12:05:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 11:11:11 GMT
cache-control: public,max-age=3600
age: 3237
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5808
Cache-Control: max-age=167913
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:08 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:43:41 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.53.106 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.53.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oOvHEvdAjA5HSX9w63OabA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QSCLaZMs280plfwbXXN6ElsOdxs=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 12:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 12:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 12:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 12:05:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 12:05:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b591bcc9d645eed0ea6ebc5dae07d31
97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb
82dde9a4d139bdfae1d8859f4d7a77f92182c65ad630e25d0cc52f346dd1dfad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11793
x-amzn-requestid: 7edbd95e-83c8-4162-886f-b0bf88deee5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oFrQIAMFnYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-4f1317ec61500d713816830d;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WYzBlSLCZWYEtLVSlKROHJMgK7WYhBNym1oizSWYlwg5oBatM9eRYQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:54:39 GMT
age: 47431
etag: "97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 49922
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 05:01:14 GMT
age: 25436
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03830e3ff377979c234bf37561c54cfd
c18884ce9370c97e6b4e12ab0f827d68a1938bfa
5ba8bfc69c7eba42de4a16bf6d1e1e3570cd3918fe15cb8b2d25950ef791ddbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d5a9928-3c61-44dc-af42-7d4e3c891caa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8365
x-amzn-requestid: e6c2ec6e-525e-4b9f-a45d-63076580df5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrpFJ3oAMF4mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee4a-576f678b6e364bca09532010;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RjuSNwOFpk7_LY-bp-R4iKsz33D4T5Are-BNb2ftPT-N_g0W2PDeuQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:44:55 GMT
age: 51615
etag: "c18884ce9370c97e6b4e12ab0f827d68a1938bfa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gshock-vietnam.vn/
112.78.1.97 301 Moved Permanently 8.4 kB IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10f54d1625147d074c29bdff1897ef8f
d1359b0dcf6974d685b5c55c5789810863cce7cd
6431d25310697b4455f3e9487a11415f082d05e02d33b29cad3c8862ece28322
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 23 Nov 2022 12:05:09 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-redirect-by: WordPress
set-cookie: PHPSESSID=84665v62e4h461mm9a7cdv1hik; path=/
location: https://www.gshock-vietnam.vn/
x-cache-status: MISS
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 050f43f830803646a2ece48e01ac8d24
d359314799f8873b35580dd5f8c64b75dfa4ffe3
d4ad8c9e5e1fe428c55c02e567aba32664055f8a881ee6aff8438c3a09124f3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6475
x-amzn-requestid: b3f37508-ce80-4bfd-8f40-d98c1ee57f7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQlaF-9IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e22-42b6d99c69142d1e37161d69;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:02:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PZE1jHafMw2Qp-hgWemayemh8jLD57th6a2hD55aLhj4KSyjR-rvmQ==
via: 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:53 GMT
age: 17357
etag: "d359314799f8873b35580dd5f8c64b75dfa4ffe3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/
112.78.1.97 200 OK 27 kB IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash ca43ebc2ecbedc3e1f1718809026cdc6
9c521c9988e12a2a3ed7d4b3ddfa438609c5fb40
5f18fa84bd85ff239540b8d14eed00b4de2b09e9064dd8cf3684f7a3002f4821
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/html; charset=UTF-8
content-length: 27272
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.gshock-vietnam.vn/wp-json/>; rel="https://api.w.org/", <https://www.gshock-vietnam.vn/wp-json/wp/v2/pages/369>; rel="alternate"; type="application/json", <https://www.gshock-vietnam.vn/>; rel=shortlink
set-cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; path=/
vary: Accept-Encoding
content-encoding: gzip
x-cache-status: MISS
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-831407616
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-831407616
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 4cd815769256f7905b38e7aff771a19a
634858a3d1b9bb8bcc430c84a2c999a356187a34
9e35cff109fab660ddcc97b56e89969253090d2f170105d17298829c4da6d680
GET /gtag/js?id=AW-831407616 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 12:05:11 GMT
expires: Wed, 23 Nov 2022 12:05:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-145079288-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-145079288-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash da97a13c5569369aaacd0b2b8e77a690
5d6c0674d05d460daa19c9374699f6463f8689a6
caab14e9765eab3099028cd5b6e4561a68f9e2f12d295671b25bd16c546ec3df
GET /gtag/js?id=UA-145079288-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 12:05:11 GMT
expires: Wed, 23 Nov 2022 12:05:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43619
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 39e8389a584851a3beac1aec4fb1ec7a
90e15c1de2db9829d92c5ee2c2c380f557e94509
f9ff79327ec985eb27ea62e7608dd8de0ca9b4b3f450ef99222ffcdec8bf45e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9FF79327EC985EB27EA62E7608DD8DE0CA9B4B3F450EF99222FFCDEC8BF45E2"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10893
Expires: Wed, 23 Nov 2022 15:06:45 GMT
Date: Wed, 23 Nov 2022 12:05:12 GMT
Connection: keep-alive
www.gshock-vietnam.vn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
112.78.1.97 200 OK 3.3 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (9937), with no line terminators
Hash a5c62eefab9116ad85dcf8dc1213114f
fb2621825315c36302a2c2ebf07fc7791688f60b
35aaaea8908b8b9762be63f01c69fec10b6b66cad24925bf018a8ce0d77d673a
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 18:25:21 GMT
etag: W/"63504111-26d1"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/css/classic-themes.min.css?ver=1
112.78.1.97 200 OK 617 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/css/classic-themes.min.css?ver=1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Hash a72d09efca7a130947acc8713cd896c0
e12a2d0dfaa33c439289b24fe2deac6b5c07aa50
a9aa320ee2a01f9d7fa087338efada88dd84b1b6de6dd65d1ebdcbcee74a91da
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 18:33:40 GMT
etag: W/"6362b804-d9"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
112.78.1.97 200 OK 614 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (327)
Hash 89dc340a891f6ec118851f3f974e885d
0780de72663678c6f707ebb6c28f584d58b0e5af
918c8fb56eb1e372341128947997c7d3386de6733cc76108f5441dd5d8ebde92
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-148"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3Aregular%2Cregular%2Cregular%2C500%2Cregular&display=swap&ver=3.9
142.250.74.10 200 OK 12 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2Cregular%2Cregular%2C500%2Cregular&display=swap&ver=3.9
IP 142.250.74.10:0
Hash e81aa200ca9cd420085714bfe5341ce0
1663afb792ec88a56cf1ef5c3457624bf8fe50af
32c3e25642594b84606c0cfc5fa5200a96ca90ab6761813e3dabb37d85bc9d9d
GET /css?family=Roboto%3Aregular%2Cregular%2Cregular%2C500%2Cregular&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Nov 2022 12:05:11 GMT
date: Wed, 23 Nov 2022 12:05:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gshock-vietnam.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:48:10 GMT
expires: Thu, 16 Nov 2023 18:48:10 GMT
cache-control: public, max-age=31536000
age: 580622
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gshock-vietnam.vn/wp-content/themes/edificevietnam/style.css?ver=3.0
112.78.1.97 200 OK 16 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/edificevietnam/style.css?ver=3.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Hash 4cae8b7bb5d87c33d5b835ee1080b022
9bbea1a84aa49990c06a3bd9e3bd7f3daa1f5b15
842cc0163c2437923d75331012ca14e5ff182c351f86ebee3c35d7b637839acb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/edificevietnam/style.css?ver=3.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: text/css
last-modified: Sun, 21 Jul 2019 08:38:34 GMT
etag: W/"5d34248a-12f"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
216.58.207.195 200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gshock-vietnam.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:36:26 GMT
expires: Thu, 16 Nov 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 577726
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
112.78.1.97 200 OK 46 kB URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (65447)
Hash 68f769f5db2bb9e0721256433ad4fad2
05389209759f2795945238416eea334b1782c562
b2b062b84c32c93e21bcc0b18f0be61b7b9af812b93eb0dbe272049f8c5ccc6a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 18:33:40 GMT
etag: W/"6362b804-15e54"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 12:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.autoads.asia/scripts/autoads-maxlead-widget.js?business_id=f6685fa394084cb98943016236c7dbb5
171.244.15.40 200 OK 2.3 kB URL HTTP/1.1 cdn.autoads.asia/scripts/autoads-maxlead-widget.js?business_id=f6685fa394084cb98943016236c7dbb5
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (6384), with no line terminators
Hash 40852cdf248e435f4ebc6a32850ee0d1
f3505ec06b6ba427d18a3711e3ce2e747b911571
b5f7a8a6e3e4832a374966166086f3d25a32808033bc73bc9fa7698b70661b1a
GET /scripts/autoads-maxlead-widget.js?business_id=f6685fa394084cb98943016236c7dbb5 HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Fri, 25 Dec 2020 10:59:07 GMT
Accept-Ranges: bytes
ETag: "808f2af7acdad61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 12:05:12 GMT
Content-Length: 2330
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn20_2; path=/
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
112.78.1.97 200 OK 6.6 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type HTML document, ASCII text, with very long lines (3029), with no line terminators
Hash 077e0c51ff0fe62c57628ec419893b6b
156caad98765a989aeeeea441fbfebd5190a73d8
4648b12dbf518f73c0c97cbac6e30250cce6b252471cb41f80a6b6cea1a0632e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-bd5"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2019/08/logo_gshock_min.png
112.78.1.97 200 OK 17 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2019/08/logo_gshock_min.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 1200 x 1200, 8-bit colormap, non-interlaced\012- data
Hash cde3aab5231e66cd6135ba63cbc4084d
0626da466565618a22ca1323738f4c26b6c237a3
e48e084483d2fd0c3c9674aaad2c2281a4982ded523424615c76ef4da6406747
GET /wp-content/uploads/2019/08/logo_gshock_min.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/png
content-length: 17440
last-modified: Tue, 27 Aug 2019 16:22:24 GMT
etag: "5d6558c0-4420"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
gshock-vietnam.vn/wp-content/uploads/2019/08/gfactory-1.jpg
112.78.1.97 200 OK 23 kB URL HTTP/2 gshock-vietnam.vn/wp-content/uploads/2019/08/gfactory-1.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, xresolution=50, yresolution=58, resolutionunit=2], baseline, precision 8, 623x225, components 3\012- data
Hash 7264e334b89c59e98af7d3725c7bfaa4
9621f55b897547c7ebc52e9e8355ff1b13490986
5a0de5a82608210c2d66fd40066d8fd0671e50ee5fe4789d9b8d1945b9e1b10d
GET /wp-content/uploads/2019/08/gfactory-1.jpg HTTP/1.1
Host: gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=84665v62e4h461mm9a7cdv1hik
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 23179
last-modified: Thu, 29 Aug 2019 13:11:26 GMT
etag: "5d67cefe-5a8b"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/wpfront-scroll-top/images/icons/39.png
112.78.1.97 200 OK 1.8 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/wpfront-scroll-top/images/icons/39.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 12b0c5f1f9853cf73006e2b82df8526f
e72461b85d336ae77c3ac812ba1e15103a5dd937
35fcc04d3f5b363d7d706fb2451fdd63fccb0a3c5e005f6138cffc10cfb11376
GET /wp-content/plugins/wpfront-scroll-top/images/icons/39.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/png
content-length: 1793
last-modified: Wed, 09 Mar 2022 03:56:54 GMT
etag: "62282586-701"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/yith-woocommerce-ajax-navigation/assets/css/shortcodes.css?ver=4.16.0
112.78.1.97 200 OK 10 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/yith-woocommerce-ajax-navigation/assets/css/shortcodes.css?ver=4.16.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Hash 8613976aa8b6442760f4b2f002d932a4
2e29bc04924bb85ef2584d634f6b61bae0f4d121
43895a953b53cb4c5893dfd9be5ce431c078bf7e36b6cec998915300a387de8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-ajax-navigation/assets/css/shortcodes.css?ver=4.16.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Tue, 15 Nov 2022 18:22:28 GMT
etag: W/"6373d8e4-8e2e"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/09/z3707781314166_6a845a54785de3cd73fafeaa45559da0.jpg
112.78.1.97 200 OK 325 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/09/z3707781314166_6a845a54785de3cd73fafeaa45559da0.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x816, components 3\012- data
Size 325 kB (325383 bytes)
Hash 2c30871b493e9377a501bc942804ce63
f11f8aa1339396da40c42fafa82e23040a40ccf6
3b0772babc57acb613cfb9d311968decb94dafd0a393cc6c17cf8c196bc38af3
GET /wp-content/uploads/2022/09/z3707781314166_6a845a54785de3cd73fafeaa45559da0.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 325383
last-modified: Fri, 09 Sep 2022 04:38:16 GMT
etag: "631ac338-4f707"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.3
112.78.1.97 200 OK 48 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.3
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (19155)
Hash ff535d9e0b533c28298d0baa0630b4e7
0b48df3ad6d3faa30cbd8f5a4954b244aef0df77
199cb5d451df5867260444d2c78ae554e7dfab9322487929e08d9c6798ae8710
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.12.3 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-2a4c3"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.12.3
112.78.1.97 200 OK 82 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.12.3
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type Unicode text, UTF-8 text, with very long lines (22286)
Hash 85e3ea34ea8a333fb7173f52e968f099
2a8c0cfec7ca69f225b6fae5710b74aba7f33923
c9dff1563ba973716a6148a76930093a1b213563e3e9ffeec380b58e6a0efe33
GET /wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.12.3 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: text/css
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-5712"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/zxcvbn-async.min.js?ver=1.0
112.78.1.97 200 OK 524 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (316)
Hash 176cd7cbbb2e39c19c0b66bdfc3bee9b
f7affcec7056666c9115e959d8fb2a93e7391a53
fc393b6c570944a58ae7a606c343ed9120fa619721346748f7ac45a712b0984d
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 09:33:43 GMT
etag: W/"60780877-15f"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.autoads.asia/maxlead/1.6.x/scripts/autoads-maxlead-widget.js?business_id=f6685fa394084cb98943016236c7dbb5
171.244.15.40 200 OK 59 kB URL HTTP/1.1 cdn.autoads.asia/maxlead/1.6.x/scripts/autoads-maxlead-widget.js?business_id=f6685fa394084cb98943016236c7dbb5
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65179), with no line terminators
Hash f781644d9fbf52d7c186c7080045451b
5121c43a966b320a44d03e1c040da1066fc44bd6
e11d0b7a24c02f47b12ba1b24cc84c06de6303776e30b5d4c4c0ce1838836a8b
GET /maxlead/1.6.x/scripts/autoads-maxlead-widget.js?business_id=f6685fa394084cb98943016236c7dbb5 HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Fri, 01 Jul 2022 06:58:59 GMT
Accept-Ranges: bytes
ETag: "80fbc39188dd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 12:05:13 GMT
Content-Length: 59409
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn21_1; path=/
cdn.autoads.asia/PushNotification/AutoAdsPushNotifyNoneSDK.js
171.244.15.40 200 OK 3.9 kB URL HTTP/1.1 cdn.autoads.asia/PushNotification/AutoAdsPushNotifyNoneSDK.js
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with very long lines (11551), with no line terminators
Hash 52b239b7673761fa8324e791f38d7965
aa4c156bc467bda13d39041cf0e65c37dad79f6c
9946bf813a718803389020246cd92a358194f570c71cb1e03534a76ceccdf2fe
GET /PushNotification/AutoAdsPushNotifyNoneSDK.js HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Wed, 24 Feb 2021 08:56:27 GMT
Accept-Ranges: bytes
ETag: "806f76ef8aad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 12:05:14 GMT
Content-Length: 3875
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn21_2; path=/
cdn.autoads.asia/maxlead/1.6.x/content/aml-widget.min.css?v=1.6.x
171.244.15.40 200 OK 16 kB URL HTTP/1.1 cdn.autoads.asia/maxlead/1.6.x/content/aml-widget.min.css?v=1.6.x
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 6f25ae980e1b31bb83dea8727cc88f6c
a49249e0ba6760cad06b8d62c35d15476302f9df
f53e436441acbc54a91b67157f9bb0b72f96763cc7e6e8ce60f5380b6abb2e33
GET /maxlead/1.6.x/content/aml-widget.min.css?v=1.6.x HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/css
Content-Encoding: gzip
Expires: -1
Last-Modified: Thu, 08 Jul 2021 06:50:54 GMT
Accept-Ranges: bytes
ETag: "05bcc98c573d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 12:05:14 GMT
Content-Length: 16408
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn20_1; path=/
api.autoads.asia/maxlead/api/widget/getdata?business_id=f6685fa394084cb98943016236c7dbb5&previewToken=
171.244.15.40 200 OK 0 B URL HTTP/1.1 api.autoads.asia/maxlead/api/widget/getdata?business_id=f6685fa394084cb98943016236c7dbb5&previewToken=
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /maxlead/api/widget/getdata?business_id=f6685fa394084cb98943016236c7dbb5&previewToken= HTTP/1.1
Host: api.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-enter-journey,x-maxlead-ismobile,x-maxlead-ispostback
Referer: https://www.gshock-vietnam.vn/
Origin: https://www.gshock-vietnam.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.gshock-vietnam.vn
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-enter-journey,x-maxlead-ismobile,x-maxlead-ispostback
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 12:05:14 GMT
Content-Length: 0
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=api21_2; path=/
alpha2.autoads.asia/js/autoads-tracking.js
171.244.15.40 200 OK 1.8 kB URL HTTP/1.1 alpha2.autoads.asia/js/autoads-tracking.js
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 85c5ad182c81536e92f204bc0c63f4a4
9b3f06b6bdb62c549e5340b072b2ae37c6f95de6
2555da6178104f7afe86a4d4d5a28b2026d98534d939fe336212c5d9f30ca5e0
GET /js/autoads-tracking.js HTTP/1.1
Host: alpha2.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/javascript
Content-Encoding: gzip
Expires: -1
Last-Modified: Mon, 03 May 2021 08:05:54 GMT
Accept-Ranges: bytes
ETag: "05dbe23f33fd71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 12:05:14 GMT
Content-Length: 1835
Strict-Transport-Security: max-age=31536000
api.autoads.asia/maxlead/api/widget/getdata?business_id=f6685fa394084cb98943016236c7dbb5&previewToken=
171.244.15.40 200 OK 5.4 kB URL HTTP/1.1 api.autoads.asia/maxlead/api/widget/getdata?business_id=f6685fa394084cb98943016236c7dbb5&previewToken=
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type JSON data; Unicode text, UTF-8 text, with very long lines (5215), with no line terminators
Hash 9a41fdd95a15968ce9d95cc116e3b69d
8afdb2d27f824ec592b43aa5de198b9b4f01ceef
cc4401de3b62c852d7b0f7bb37be618fe350a1318ee42df4772e924d51519997
POST /maxlead/api/widget/getdata?business_id=f6685fa394084cb98943016236c7dbb5&previewToken= HTTP/1.1
Host: api.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
X-MaxLead-IsPostBack: false
X-MaxLead-IsMobile: false
X-Enter-Journey: null
Origin: https://www.gshock-vietnam.vn
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.gshock-vietnam.vn
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 12:05:14 GMT
Content-Length: 5443
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=api21_2; path=/
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
112.78.1.97 200 OK 68 kB URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (10435), with no line terminators
Hash fc55959c7f527feb2cd2382f869f3514
ddbcb558116a93e7df61abb8194d9335185793c3
ce9c12b98f93f72063a1d393048a80f5c57554e295f4882f46aa1cd2c9742827
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 18:24:09 GMT
etag: W/"636bf049-28c3"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.autoads.asia/maxlead//themes/tracking/index.html?origin=aHR0cHM6Ly93d3cuZ3Nob2NrLXZpZXRuYW0udm4=&url=aHR0cHM6Ly93d3cuZ3Nob2NrLXZpZXRuYW0udm4v&websiteId=55316&uid=&hasLead=false
171.244.15.40 200 OK 1.7 kB URL HTTP/1.1 cdn.autoads.asia/maxlead//themes/tracking/index.html?origin=aHR0cHM6Ly93d3cuZ3Nob2NrLXZpZXRuYW0udm4=&url=aHR0cHM6Ly93d3cuZ3Nob2NrLXZpZXRuYW0udm4v&websiteId=55316&uid=&hasLead=false
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash ff646fe3baf026018cd26eb937ff0742
638784c59eaa6ab4af08a410b55a16d247b0808d
0ff7e81183e0fa8d5126b9104246492b1c99f175ec2ce4f4a1d190593af5f0f3
GET /maxlead//themes/tracking/index.html?origin=aHR0cHM6Ly93d3cuZ3Nob2NrLXZpZXRuYW0udm4=&url=aHR0cHM6Ly93d3cuZ3Nob2NrLXZpZXRuYW0udm4v&websiteId=55316&uid=&hasLead=false HTTP/1.1
Host: cdn.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Content-Encoding: gzip
Expires: -1
Last-Modified: Mon, 05 Jul 2021 08:22:10 GMT
Accept-Ranges: bytes
ETag: "06582d97671d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Wed, 23 Nov 2022 12:05:14 GMT
Content-Length: 1748
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=cdn21_2; path=/
api.autoads.asia/pushnotification/api/v1/GetPushConf?business_id=f6685fa394084cb98943016236c7dbb5
171.244.15.40 200 OK 408 B URL HTTP/1.1 api.autoads.asia/pushnotification/api/v1/GetPushConf?business_id=f6685fa394084cb98943016236c7dbb5
IP 171.244.15.40:0
ASN #38731 CHT Compamy Ltd
File type JSON data; ASCII text, with very long lines (408), with no line terminators
Hash 29fcf6f0e9970e6bc54996075db94de4
5ad15b416709b26cd903c36fdbc6348f7d61bc8c
9a738386a4cc8d952749b6a19bb05f3e044a9a1a3f8f5dcc43e6a8e297dbf61b
GET /pushnotification/api/v1/GetPushConf?business_id=f6685fa394084cb98943016236c7dbb5 HTTP/1.1
Host: api.autoads.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gshock-vietnam.vn/
Origin: https://www.gshock-vietnam.vn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 408
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: https://www.gshock-vietnam.vn
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 23 Nov 2022 12:05:15 GMT
Strict-Transport-Security: max-age=31536000
Set-Cookie: SRVNAME=api20_2; path=/
www.gshock-vietnam.vn/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
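Analyzer Verdict Alert fortinet Malware (note: this entry records a 0 B body and no file hashes, so the verdict cannot be matched to file content from this record alone)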
GET /wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Mon, 16 Nov 2020 07:42:09 GMT
etag: W/"5fb22d51-777f"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-110JAH22-2A.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-110JAH22-2A.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/GA-110JAH22-2A.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 249129
last-modified: Tue, 11 Oct 2022 06:40:35 GMT
etag: "63450fe3-3cd29"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-B5600G-2.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-B5600G-2.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/DW-B5600G-2.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/jpeg
content-length: 249685
last-modified: Mon, 10 Oct 2022 12:22:51 GMT
etag: "63440e9b-3cf55"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 18:26:11 GMT
etag: W/"628e74c3-194b"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.3
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.3
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.12.3 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-23a2b"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=6.1.1
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=6.1.1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quick-call-button/assets/js/drag-quick-call-button.js?ver=6.1.1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 08 Mar 2021 18:37:10 GMT
etag: W/"60466ed6-110"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-admin/js/password-strength-meter.min.js?ver=6.1.1
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-admin/js/password-strength-meter.min.js?ver=6.1.1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-admin/js/password-strength-meter.min.js?ver=6.1.1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Mar 2022 08:32:16 GMT
etag: W/"62286610-463"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=7.1.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-7e4"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2020/10/GMW-B5000G-1.png
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2020/10/GMW-B5000G-1.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2020/10/GMW-B5000G-1.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/png
content-length: 276352
last-modified: Thu, 22 Oct 2020 11:48:56 GMT
etag: "5f9171a8-43780"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2019/09/bg-2.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2019/09/bg-2.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2019/09/bg-2.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 218172
last-modified: Fri, 06 Sep 2019 08:26:24 GMT
etag: "5d721830-3543c"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 18:26:11 GMT
etag: W/"628e74c3-5db"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.12.3
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.12.3
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.12.3 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-3967"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 18:33:40 GMT
etag: W/"6362b804-459f"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-110SS-1A.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-110SS-1A.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/GA-110SS-1A.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 261561
last-modified: Tue, 11 Oct 2022 05:47:34 GMT
etag: "63450376-3fdb9"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-2110SC-4A.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-2110SC-4A.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/GA-2110SC-4A.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 215255
last-modified: Tue, 11 Oct 2022 04:38:54 GMT
etag: "6344f35e-348d7"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2019/09/GMW-B5000G-2.png
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2019/09/GMW-B5000G-2.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2019/09/GMW-B5000G-2.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/png
content-length: 301747
last-modified: Tue, 17 Sep 2019 09:05:48 GMT
etag: "5d80a1ec-49ab3"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 18:24:09 GMT
etag: W/"636bf049-39996"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.7.1.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-12cfc"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/libs/infinite-scroll.pkgd.min.js?ver=3.0.4
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/assets/libs/infinite-scroll.pkgd.min.js?ver=3.0.4
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/flatsome/assets/libs/infinite-scroll.pkgd.min.js?ver=3.0.4 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-63b1"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-B5600G-1.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-B5600G-1.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/DW-B5600G-1.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/jpeg
content-length: 192202
last-modified: Mon, 10 Oct 2022 12:27:44 GMT
etag: "63440fc0-2eeca"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-b7a"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/css/select2.css?ver=7.1.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/css/select2.css?ver=7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/select2.css?ver=7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: text/css
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-3917"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/yith-woocommerce-ajax-navigation/assets/js/yith-wcan-shortcodes.min.js?ver=4.16.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/yith-woocommerce-ajax-navigation/assets/js/yith-wcan-shortcodes.min.js?ver=4.16.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-ajax-navigation/assets/js/yith-wcan-shortcodes.min.js?ver=4.16.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 18:22:28 GMT
etag: W/"6373d8e4-914d"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2019/09/GST-B200D-1A.png
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2019/09/GST-B200D-1A.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2019/09/GST-B200D-1A.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/png
content-length: 364440
last-modified: Tue, 17 Sep 2019 09:06:50 GMT
etag: "5d80a22a-58f98"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 18:24:36 GMT
etag: W/"63752ae4-172a9"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/GM-2100SS-1A.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/GM-2100SS-1A.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/GM-2100SS-1A.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 250479
last-modified: Tue, 11 Oct 2022 04:29:43 GMT
etag: "6344f137-3d26f"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-5610SC-2.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-5610SC-2.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/DW-5610SC-2.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/jpeg
content-length: 199954
last-modified: Tue, 11 Oct 2022 02:29:45 GMT
etag: "6344d519-30d12"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/09/z3707781314166_6a845a54785de3cd73fafeaa45559da0-1400x595.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/09/z3707781314166_6a845a54785de3cd73fafeaa45559da0-1400x595.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/09/z3707781314166_6a845a54785de3cd73fafeaa45559da0-1400x595.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 174964
last-modified: Fri, 09 Sep 2022 04:38:17 GMT
etag: "631ac339-2ab74"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Mar 2022 08:32:17 GMT
etag: W/"62286611-2bd8"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.3
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.3
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.3 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-3e04"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 18:26:11 GMT
etag: W/"628e74c3-48b9"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-B5600G-7.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/DW-B5600G-7.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/DW-B5600G-7.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/jpeg
content-length: 160345
last-modified: Mon, 10 Oct 2022 12:07:30 GMT
etag: "63440b02-27259"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/themes/flatsome/inc/extensions/flatsome-infinite-scroll/flatsome-infinite-scroll.js?ver=1.5
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/themes/flatsome/inc/extensions/flatsome-infinite-scroll/flatsome-infinite-scroll.js?ver=1.5
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/themes/flatsome/inc/extensions/flatsome-infinite-scroll/flatsome-infinite-scroll.js?ver=1.5 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 16 Nov 2020 07:48:02 GMT
etag: W/"5fb22eb2-b2a"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 25 May 2022 18:26:11 GMT
etag: W/"628e74c3-132e"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/js/jquery-ui.js?ver=6.1.1
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/js/jquery-ui.js?ver=6.1.1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quick-call-button/assets/js/jquery-ui.js?ver=6.1.1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 08 Mar 2021 18:37:10 GMT
etag: W/"60466ed6-4e9b1"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 18:33:40 GMT
etag: W/"6362b804-27f6"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2019/08/GG-B100-1A3-1.png
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2019/08/GG-B100-1A3-1.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2019/08/GG-B100-1A3-1.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/png
content-length: 52862
last-modified: Thu, 29 Aug 2019 08:10:39 GMT
etag: "5d67887f-ce7e"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2019/08/GA-2000-1A9-11.png
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2019/08/GA-2000-1A9-11.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2019/08/GA-2000-1A9-11.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/png
content-length: 48823
last-modified: Thu, 29 Aug 2019 08:21:33 GMT
etag: "5d678b0d-beb7"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-B001-1A.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/GA-B001-1A.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/GA-B001-1A.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/jpeg
content-length: 176078
last-modified: Tue, 11 Oct 2022 03:41:02 GMT
etag: "6344e5ce-2afce"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/accounting/accounting.min.js?ver=0.4.2
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/accounting/accounting.min.js?ver=0.4.2
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/accounting/accounting.min.js?ver=0.4.2 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-cd3"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-85b"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 18:25:21 GMT
etag: W/"63504111-3016"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-2521"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/09/z3707780545667_7687b4c22b6e7708610d5082cc1103ca.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/09/z3707780545667_7687b4c22b6e7708610d5082cc1103ca.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/09/z3707780545667_7687b4c22b6e7708610d5082cc1103ca.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: image/jpeg
content-length: 246809
last-modified: Fri, 09 Sep 2022 04:38:13 GMT
etag: "631ac335-3c419"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2021/02/GST-S330AC-2A.png
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2021/02/GST-S330AC-2A.png
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2021/02/GST-S330AC-2A.png HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/png
content-length: 424649
last-modified: Sat, 27 Feb 2021 08:36:32 GMT
etag: "603a0490-67ac9"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/uploads/2022/10/GM-5600SS-1.jpg
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/uploads/2022/10/GM-5600SS-1.jpg
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/uploads/2022/10/GM-5600SS-1.jpg HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap; _gcl_au=1.1.1242536859.1669205113
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:13 GMT
content-type: image/jpeg
content-length: 238497
last-modified: Mon, 10 Oct 2022 11:58:56 GMT
etag: "63440900-3a3a1"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.7.08086 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Wed, 09 Mar 2022 03:56:54 GMT
etag: W/"62282586-1ab"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:11 GMT
content-type: text/css
last-modified: Wed, 19 Oct 2022 18:25:21 GMT
etag: W/"63504111-aab"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.6
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.6
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quick-call-button/assets/css/quick-call-button.css?ver=1.2.6 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: text/css
last-modified: Mon, 08 Mar 2021 18:37:10 GMT
etag: W/"60466ed6-1ba2"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/js/jquery.ui.touch-punch.min.js?ver=6.1.1
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/quick-call-button/assets/js/jquery.ui.touch-punch.min.js?ver=6.1.1
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quick-call-button/assets/js/jquery.ui.touch-punch.min.js?ver=6.1.1 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Mon, 08 Mar 2021 18:37:10 GMT
etag: W/"60466ed6-50b"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 18:24:10 GMT
etag: W/"636bf04a-72a"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.gshock-vietnam.vn/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
112.78.1.97 200 OK 0 B URL HTTP/2 www.gshock-vietnam.vn/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086
IP 112.78.1.97:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.7.08086 HTTP/1.1
Host: www.gshock-vietnam.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gshock-vietnam.vn/
Cookie: PHPSESSID=5k92gdstl55cfb2krn8lrc0jap
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 12:05:12 GMT
content-type: application/javascript
last-modified: Wed, 09 Mar 2022 03:56:54 GMT
etag: W/"62282586-719"
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2