r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5478
Expires: Fri, 18 Nov 2022 00:06:14 GMT
Date: Thu, 17 Nov 2022 22:34:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4616
Cache-Control: max-age=134003
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 22:34:56 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 11:48:19 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6995
Expires: Fri, 18 Nov 2022 00:31:31 GMT
Date: Thu, 17 Nov 2022 22:34:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 17 Nov 2022 21:44:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2999
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5j5aPIBm1t3/7x3UKN+mEhv4iwxtOhUPjV/5KIsNLETS84Qti59eJZoX34c88m2oxmu7MpE9rUY=
x-amz-request-id: YTTXDF1RJ35TPY8T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 17 Nov 2022 21:52:38 GMT
age: 2538
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 22:34:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vietroll.vn/wp-content/k9tstiw1coskyjojxd
103.77.162.11 301 Moved Permanently 707 B URL HTTP/1.1 vietroll.vn/wp-content/k9tstiw1coskyjojxd
IP 103.77.162.11:0
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/k9tstiw1coskyjojxd HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 17 Nov 2022 22:34:56 GMT
server: LiteSpeed
location: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
vary: Accept-Encoding
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 17 Nov 2022 21:44:49 GMT
cache-control: public,max-age=3600
age: 3008
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1264
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 22:34:57 GMT
Last-Modified: Thu, 17 Nov 2022 22:13:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.200.107.47 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XwuQJTgea/4f73JGEAw/mA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CpHkmVc1GWu8Btw826s9qd5xVeE=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9742
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 22:34:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9742
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 22:34:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9742
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 22:34:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqZOIEN7oAMFlaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 02:49:36 GMT
age: 71122
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d44c091-52da-4eae-8a5b-f376d6b63e56.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d44c091-52da-4eae-8a5b-f376d6b63e56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash ce1e042758fce03f4a8397f95b1ce5db
5f17669b66ddc31ab9e0f34a67c4fec78fc481d1
ff5dba7f1d84eccd80258c32d63c7898c675bda09de0d15b00c7d99c3878c8fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d44c091-52da-4eae-8a5b-f376d6b63e56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7231
x-amzn-requestid: eeaebeae-e22f-4a56-9dcf-c358ca2f4417
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9VlEHDoAMFVZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8f0-7d3531e827495676679b1c83;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:40 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pzqmjsJGnpPXoGyqNH92ncZunc-iuH9U62BlQWJZhig5rw5RBjgQvw==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:50 GMT
age: 2348
etag: "5f17669b66ddc31ab9e0f34a67c4fec78fc481d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44ba3263-9329-4559-836c-276171e025ed.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44ba3263-9329-4559-836c-276171e025ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 86031fc92c8180ae6e705b264f22a3db
218a3019acb40a251de89c66b42cba265f4554e8
b3f4c1825d35cae0c3a5f4de5ea26a9175a4ae03b16738e909353365acd3a73b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44ba3263-9329-4559-836c-276171e025ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6637
x-amzn-requestid: b821413a-b325-40bb-9b89-30707f71e661
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7vETlIAMFTMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7e-1f1856e545d5c6521385a4de;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xe8OcDgFv6akQwAdoXVtB6Dp288li05jmMJlshlERoQeENkABsmDRQ==
via: 1.1 b04d82bf2bc15ab146955a862be263f0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 2538
etag: "218a3019acb40a251de89c66b42cba265f4554e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 14649d486602810c1b218b96b27b2cc4
96c6cbfe31e7247c64dfa8c3759967627f8c6286
80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:53 GMT
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
content-type: image/jpeg
age: 2345
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb30d05c7-3d7a-4a88-a222-4412f1b83897.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb30d05c7-3d7a-4a88-a222-4412f1b83897.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 3b0ef860a3b4eed3cf0fdca6e9a52b78
e0c4d9f0a3dd1fa6a9c4f43106b316e9154bebee
f478959aeb876f93f784194e56a9e3964cdb02465b203c4640a2bbb386689e1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb30d05c7-3d7a-4a88-a222-4412f1b83897.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6972
x-amzn-requestid: a51fcd41-d047-4aa6-b917-e8d1c1f846ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9VvEnHoAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8f1-7cac67d1723387c40d1af743;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zThnBpkUmGgiJR-VL7RoAXg5P42LaLa5URs-4Fpt_sRwGtun82VOxQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:06:38 GMT
age: 1700
etag: "e0c4d9f0a3dd1fa6a9c4f43106b316e9154bebee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 2538
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d6ec8dee2a1996c177b49398a45a4267
24de47e193eeba292a97cec6bca644c8188083b5
d371e3106f15dc34c50c96383c339653902a797faeeb4685c51eaaa506d59003
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 22:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-212561384-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-212561384-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 103e1cd9d94a226513bf2eaa5f28a3ba
cb1052828097ad5d71987b7425f1e39b6684ff02
3d2fcd1f8ccd84983af1fc23c8266f7a2098b55fa2655e737e1a865e7943d977
GET /gtag/js?id=UA-212561384-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 17 Nov 2022 22:35:02 GMT
expires: Thu, 17 Nov 2022 22:35:02 GMT
cache-control: private, max-age=900
last-modified: Thu, 17 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash d6ec8dee2a1996c177b49398a45a4267
24de47e193eeba292a97cec6bca644c8188083b5
d371e3106f15dc34c50c96383c339653902a797faeeb4685c51eaaa506d59003
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 22:35:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vietroll.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
103.77.162.11 200 OK 8.1 kB URL HTTP/2 vietroll.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8
IP 103.77.162.11:0
File type Unicode text, UTF-8 text, with very long lines (29677)
Hash 94816d5978ddc9ea9b99529b0df33900
cdd5c13a34ac09bef821aa64c7ec9e34bda6052e
4e6fd88eff0b6f5dc1e0a23bdf0b2c6b35f44e38615781531923614851f59ea6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.7.8 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 17:05:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 8146
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3
103.77.162.11 200 OK 911 B URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3
IP 103.77.162.11:0
File type ASCII text, with very long lines (3276), with no line terminators
Hash 5d670b5def8387bbd5e614f9d309a592
586928ec81bdc4f13d851e7a5c7915ec9f343512
f45ed68d669ede39822d665dbfbe36381eb01bf9e3c38f1ac40e9fb50098973c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 911
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3
103.77.162.11200 OK 18 kB URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3
IP 103.77.162.11:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 64f293be0985484e1634368bc756ec56
55644171b2139baf5c48a53cfbe0e16f8dee1f22
c284816558860cf0b41df7cd0c9068c2235a1e82b8f037ca2090044285502681
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 17637
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6
103.77.162.11200 OK 12 kB URL HTTP/2 vietroll.vn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6
IP 103.77.162.11:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 31a2646ef4aaa5e3ab233c248ceb8d4c
fca77b634f6c3d889a17e6c3c92c1151099c5842
dc1cb2ac65eb0c9a2d68304b118673af23f02bf948326c26ccb37e2965e8ff47
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 04:44:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 12411
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.1.0
103.77.162.11200 OK 2.4 kB URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.1.0
IP 103.77.162.11:0
File type Unicode text, UTF-8 text, with very long lines (17923), with no line terminators
Hash ec41958d4b8e3f562fd97efea3e9a63e
550251108c88e60743ce55b0938aaf41f62c29bd
54bcac6e842100dfe2b97bdbebd393f71d934adc136eba5ddcc8174804b4fc5a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=5.1.0 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2373
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.1.0
103.77.162.11200 OK 8.4 kB URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.1.0
IP 103.77.162.11:0
File type Unicode text, UTF-8 text, with very long lines (62789), with no line terminators
Hash 9834791a56176f4340f5a795e699c0f4
efd08256f0b0c0add6b6759f29b20087c47a7eb6
264b381ca91c85d7ce5b9863f439be26c19c2d6fa75a2c7a6b486cb3f24892d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=5.1.0 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 8444
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/twist/assets/css/slick-theme.css?ver=5.7.8
103.77.162.11200 OK 625 B URL HTTP/2 vietroll.vn/wp-content/plugins/twist/assets/css/slick-theme.css?ver=5.7.8
IP 103.77.162.11:0
Hash dae01aaa0fcd4eef367d0c1b1aed8de6
533299faecc22cb1155691a4258cd6e61b6d121e
bb16717f1d753555f611801871d627d10ce676eeeb27fd7412c0dab2d35b6878
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/twist/assets/css/slick-theme.css?ver=5.7.8 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 625
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/twist/assets/css/slick.css?ver=5.7.8
103.77.162.11200 OK 488 B URL HTTP/2 vietroll.vn/wp-content/plugins/twist/assets/css/slick.css?ver=5.7.8
IP 103.77.162.11:0
Hash 16f33e31e58e45437ab5a9b6b8c80fc0
796b2f121d20ec42aa83178d145170f5438488aa
dd67893335a0469f50c1472d0f52cbd8b4bec2de41ae4827ecb39afee92f7485
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/twist/assets/css/slick.css?ver=5.7.8 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 488
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/twist/assets/css/wpgs-style.css?ver=3.2
103.77.162.11200 OK 1.6 kB URL HTTP/2 vietroll.vn/wp-content/plugins/twist/assets/css/wpgs-style.css?ver=3.2
IP 103.77.162.11:0
Hash e3bc612200030de8925744037dfbe34f
c7320e2bddd8e9d010059bd6e72b5eb76fc41639
0a02d628220551b011c2c2ee1509ce0c84e67736f77a4393e07c6046944e453b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/twist/assets/css/wpgs-style.css?ver=3.2 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1617
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/css/theme.min.css?ver=0.9.4.1612145532
103.77.162.11200 OK 36 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/css/theme.min.css?ver=0.9.4.1612145532
IP 103.77.162.11:0
File type ASCII text, with very long lines (65307)
Hash 63a1cd03c7f3b4920b3c0f6f850816f5
7ef1343be6db381cd475743a1a7e7a000adaaa0f
b1532a652c6e9c7135ba2b9a0adbd42b3f7efadcd49491155650a9b8b1e1c128
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/css/theme.min.css?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Mon, 01 Feb 2021 02:12:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 36314
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/font-awesome-5.11.2/css/all.min.css?ver=0.9.4.1612145532
103.77.162.11200 OK 30 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/font-awesome-5.11.2/css/all.min.css?ver=0.9.4.1612145532
IP 103.77.162.11:0
File type ASCII text, with very long lines (65393)
Hash ccbc29441066a5535702efb5fccc39fa
2f594c30db115837b9f6e8afff1efdb3684b3e5b
3da6a22a494cfd7ce95d6403cf0bfa0d60ce47dc1fd0f133c00609e05d3da233
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/font-awesome-5.11.2/css/all.min.css?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Mon, 01 Feb 2021 06:56:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 30124
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/css/custom/menu-right.css?ver=0.9.4.1612145532
103.77.162.11200 OK 2.7 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/css/custom/menu-right.css?ver=0.9.4.1612145532
IP 103.77.162.11:0
File type ASCII text, with very long lines (338)
Hash c30d98c42e47472131998fd9a92fa3e3
f63eaefd6565b7373556b4b63201559499b07396
c812789604cc15a1af0c5c17f379a25a0be363f024699f62d7fbcdac2abd4f36
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/css/custom/menu-right.css?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 09:08:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2705
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/css/custom/header.css?ver=0.9.4.1612145532
103.77.162.11200 OK 1.4 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/css/custom/header.css?ver=0.9.4.1612145532
IP 103.77.162.11:0
Hash 7e591bec931f9b4254999b99024654af
347145543175cb85c1799121b8c47bb69b322aa4
32bcc52c85f888b939820f6c366e2040d2202530b2c6cdaed89b8f1159ceb1a7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/css/custom/header.css?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Thu, 17 Feb 2022 07:49:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1394
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/css/custom/footer.css?ver=0.9.4.1612145532
103.77.162.11200 OK 1.1 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/css/custom/footer.css?ver=0.9.4.1612145532
IP 103.77.162.11:0
File type assembler source, ASCII text
Hash 4f2e9918984dcdbe608f0a68dc1777ce
e6a934726c9223bf2f67d36ed494063ad9f593eb
e955d34e5dab94e08456e176b48b481a43b1e46cf17f0b50cf859d74ee4b35e0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/css/custom/footer.css?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 10:08:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1122
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/css/custom/main.css?ver=0.9.4.1612145532
103.77.162.11200 OK 3.4 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/css/custom/main.css?ver=0.9.4.1612145532
IP 103.77.162.11:0
Hash 7f052f9debce03d3f7aea3e47db83eaa
e959617ae1a75cb7745d91ec4d75ee933ae0b278
ce4c47d66791f0a6c1dcefbc0c50474ac92cb33618d21212a5a05e9e7864e4d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/css/custom/main.css?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: text/css
last-modified: Tue, 22 Feb 2022 02:04:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3376
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
103.77.162.11200 OK 3.2 kB URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 103.77.162.11:0
File type ASCII text, with very long lines (9081)
Hash 700d3ca3b6f3e00a4c59f7ca3353e5ac
c4fb56a1dd52567489e3c35030fcbc430ec9d371
513764573155698d580bfcbb7c0d6f02cfef9326ae4b4809148b915103ffe895
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3232
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.1.0
103.77.162.11200 OK 970 B URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.1.0
IP 103.77.162.11:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.1.0 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 970
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.1
103.77.162.11200 OK 321 B URL HTTP/2 vietroll.vn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.1
IP 103.77.162.11:0
Hash 159e4731a0ffba6862ee2a1bbcc8a805
7fb2a5ca7a80d96187fda406d0a1b7db23867fa7
c6f102a76dc397d94cfbadcd292d64bb45acaa29b0391b41a9f1cc68c2274ae2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.4.1 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Thu, 11 Mar 2021 08:00:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 321
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
103.77.162.11200 OK 899 B URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 103.77.162.11:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 899
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.0
103.77.162.11200 OK 670 B URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.0
IP 103.77.162.11:0
File type ASCII text, with very long lines (2066), with no line terminators
Hash 82a4bb80f29fd8b251ac026d682f1529
0f9f3105ae887d44bbc296ddadd171ba3ee2e75e
95516630f841e1de482eba3c4bcc57991bbe6dbb13d88bb5a2583669d29a01a5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.0 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 670
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.0
103.77.162.11200 OK 934 B URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.0
IP 103.77.162.11:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash ef8ddf2830341f13634a12266fa9813f
45c12d8b054261b0597ffdb97ff55f8ab7a913c4
698fbd0089cafb0659518bf2359ce5c990e71c9a543338fdc7b1595ee11ade22
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.1.0 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 934
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/twist/assets/js/slick.min.js
103.77.162.11200 OK 10 kB URL HTTP/2 vietroll.vn/wp-content/plugins/twist/assets/js/slick.min.js
IP 103.77.162.11:0
File type ASCII text, with very long lines (42862)
Hash 09ed72c756aef05979d1c10d176eeb7a
1f3c35043f1aae481a38b40327fefb959ff63885
8638bee02f96fc15e4a3dae0ae220e31f020ee0b10c8eb5f829d9986b3fc53c4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/twist/assets/js/slick.min.js HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 03:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 10097
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/twist/assets/js/public.js
103.77.162.11200 OK 1.2 kB URL HTTP/2 vietroll.vn/wp-content/plugins/twist/assets/js/public.js
IP 103.77.162.11:0
File type ASCII text, with CRLF line terminators
Hash 63999b9179c542c3f66b3641c8568721
572e0dd7c2ad71b98f0b6a496b94f1c92a6257b6
93f09bdd2767d672b27017fe4d7cbc2d50248971bc8a44715986ea8c1d651cda
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/twist/assets/js/public.js HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 03:25:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1234
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/js/theme.min.js?ver=0.9.4.1612145532
103.77.162.11200 OK 21 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/js/theme.min.js?ver=0.9.4.1612145532
IP 103.77.162.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85533febe552ce9a9a739d359310d640
dcd7f2d409cd32426dada9b4f4371b20715bafab
b69d92f051e1eee988f024b7983c631de78a9a409c0b4f1352dd0f96dcbe001f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/js/theme.min.js?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Mon, 01 Feb 2021 02:12:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 21437
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.77.162.11200 OK 4.0 kB URL HTTP/2 vietroll.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.77.162.11:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 3995
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/js/custom/menu.js?ver=0.9.4.1612145532
103.77.162.11200 OK 366 B URL HTTP/2 vietroll.vn/wp-content/themes/understrap/js/custom/menu.js?ver=0.9.4.1612145532
IP 103.77.162.11:0
File type ASCII text, with CRLF line terminators
Hash aef0413f65daa315afb4495f4cf00c3c
5a9708452d1362365889bd1c153290373ade9868
5e550312c7c9e1dd0bdeb3b1351bf2a31e8c061adbde334ed69bd966e77ea7ab
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/js/custom/menu.js?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Mon, 01 Feb 2021 04:37:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 366
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/js/custom/slick-option.js?ver=0.9.4.1612145532
103.77.162.11200 OK 549 B URL HTTP/2 vietroll.vn/wp-content/themes/understrap/js/custom/slick-option.js?ver=0.9.4.1612145532
IP 103.77.162.11:0
Hash a88848181dbeffb69aed3a9aa80b4881
99ce9bb005906190aa1565323f4397eb500f3271
5a945c116a6e02d3a93e6fd1f85b1ecb46ba0f650276c07a842e5a797a03ca34
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/js/custom/slick-option.js?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 10:04:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 549
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/js/custom/main.js?ver=0.9.4.1612145532
103.77.162.11200 OK 844 B URL HTTP/2 vietroll.vn/wp-content/themes/understrap/js/custom/main.js?ver=0.9.4.1612145532
IP 103.77.162.11:0
Hash 0a9f798393915089b4709e4686d2248e
c16ca4e3712841a7e8515d8a1326f55734a2a7ef
155a1af229e1c842e1dae0eb48756d1e80401db1921d9329eb5882df10c75fbf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/js/custom/main.js?ver=0.9.4.1612145532 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Mon, 26 Jul 2021 09:43:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 844
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
103.77.162.11200 OK 2.6 kB URL HTTP/2 vietroll.vn/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
IP 103.77.162.11:0
File type ASCII text, with very long lines (7889)
Hash 38f598ed10cc662f33bcb2a719de6e52
7da764b9b7ff5b9679f0e4313fb5587252b54c2c
e99237b16aef4b9b118b75356607354192e33695c1e15372d9bb86bf07483db7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Wed, 02 Mar 2022 09:21:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 2570
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
103.77.162.11200 OK 30 kB URL HTTP/2 vietroll.vn/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 103.77.162.11:0
File type ASCII text, with very long lines (65451)
Hash ef2cb9901cc106c049c57b6bb1c6eec4
3773a0684805600ac8a1c5543d0586e7f8b7e2de
386fc33b0d773cbabecd02bfa72605f417d337fcc8f26f5f919a8c7e6b7a5a0b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Wed, 07 Oct 2020 16:33:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 30287
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4
103.77.162.11200 OK 46 kB URL HTTP/2 vietroll.vn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4
IP 103.77.162.11:0
File type ASCII text, with very long lines (42889)
Hash 7b6e082bde2cd00810b3413baa28da45
4b18394c3ab61e2dae4eae87b00cdc74f2339447
30fe548881461bdef9c96b8faf55eaeeb8759dcb83049beef418e939b9f965b0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 04:44:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 45472
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong.png
103.77.162.11200 OK 22 kB URL HTTP/2 vietroll.vn/wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong.png
IP 103.77.162.11:0
File type PNG image data, 512 x 321, 8-bit/color RGBA, non-interlaced\012- data
Hash 313df48ee66b8567f55fa626c5b02a7a
0de7d892a626c1a82ef587863a11c1422e008eaf
8434e884abd9a4ab9f2ddbb0219e11017f8d4be94e294066eaa7a2a612f9b927
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong.png HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Fri, 17 Mar 2023 22:35:02 GMT
content-type: image/png
last-modified: Thu, 10 Feb 2022 04:04:37 GMT
accept-ranges: bytes
content-length: 21585
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.1.0
103.77.162.11200 OK 1.1 kB URL HTTP/2 vietroll.vn/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.1.0
IP 103.77.162.11:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=5.1.0 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:03 GMT
content-type: text/css
last-modified: Tue, 13 Apr 2021 03:25:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 1058
date: Thu, 17 Nov 2022 22:35:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap//img/background-footer.jpg
103.77.162.11200 OK 83 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap//img/background-footer.jpg
IP 103.77.162.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1024x768, components 3\012- data
Hash d0e6e20532d4abe4d0fea24f504b8e70
e02dad89d9733dc607a8d64daf96d41a9473b57b
a388126cf0a046825efec4bd1bc4210c013dc510048a95b91f45f5ca2fe37dff
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap//img/background-footer.jpg HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/themes/understrap/css/custom/footer.css?ver=0.9.4.1612145532
Cookie: pll_language=vi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Fri, 17 Mar 2023 22:35:03 GMT
content-type: image/jpeg
last-modified: Mon, 26 Apr 2021 03:15:41 GMT
accept-ranges: bytes
content-length: 83268
date: Thu, 17 Nov 2022 22:35:03 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/font-awesome-5.11.2/webfonts/fa-solid-900.woff2
103.77.162.11200 OK 130 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/font-awesome-5.11.2/webfonts/fa-solid-900.woff2
IP 103.77.162.11:0
File type Web Open Font Format (Version 2), TrueType, length 129832, version 330.32636\012- data
Size 130 kB (129832 bytes)
Hash dbe8505cf4eb137c63b6c375e02c225e
e1b1db2ab291da9e9b17335580665c4fb5eddde9
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/font-awesome-5.11.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/themes/understrap/font-awesome-5.11.2/css/all.min.css?ver=0.9.4.1612145532
Cookie: pll_language=vi
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: Fri, 17 Mar 2023 22:35:03 GMT
content-type: font/woff2
last-modified: Mon, 01 Feb 2021 06:56:27 GMT
accept-ranges: bytes
content-length: 129832
date: Thu, 17 Nov 2022 22:35:03 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2
vietroll.vn/wp-content/themes/understrap/fonts/fontawesome-webfont.woff2?v=4.7.0
103.77.162.11200 OK 77 kB URL HTTP/2 vietroll.vn/wp-content/themes/understrap/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 103.77.162.11:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/understrap/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/themes/understrap/css/theme.min.css?ver=0.9.4.1612145532
Cookie: pll_language=vi
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000
expires: Fri, 17 Mar 2023 22:35:03 GMT
content-type: font/woff2
last-modified: Mon, 01 Feb 2021 02:12:11 GMT
accept-ranges: bytes
content-length: 77160
date: Thu, 17 Nov 2022 22:35:03 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 8d0f8a7b5d388a31b6a0c5355220eb12
68bcdd3241360576983c78a956a3854da2fe5be9
80952525c81058697103f9688cdbf628dee02284a1edc061784e3d54e780b2d8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 22:35:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 21 Nov 2022 20:40:59 GMT
ETag: "68bcdd3241360576983c78a956a3854da2fe5be9"
Last-Modified: Thu, 17 Nov 2022 20:41:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 27
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bbeff76c7b0b39-OSL
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 17 Nov 2022 20:41:09 GMT
expires: Thu, 17 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 6835
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1327847924&t=pageview&_s=1&dl=https%3A%2F%2Fvietroll.vn%2Fwp-content%2Fk9tstiw1coskyjojxd&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Vietroll%20CO.%2C%20LTD%20Official&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=560590743&gjid=1492724327&cid=1690911691.1668724503&tid=UA-212561384-1&_gid=439019978.1668724503&_r=1>m=2oub90&z=257279659
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1327847924&t=pageview&_s=1&dl=https%3A%2F%2Fvietroll.vn%2Fwp-content%2Fk9tstiw1coskyjojxd&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Vietroll%20CO.%2C%20LTD%20Official&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=560590743&gjid=1492724327&cid=1690911691.1668724503&tid=UA-212561384-1&_gid=439019978.1668724503&_r=1>m=2oub90&z=257279659
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1327847924&t=pageview&_s=1&dl=https%3A%2F%2Fvietroll.vn%2Fwp-content%2Fk9tstiw1coskyjojxd&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Vietroll%20CO.%2C%20LTD%20Official&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=560590743&gjid=1492724327&cid=1690911691.1668724503&tid=UA-212561384-1&_gid=439019978.1668724503&_r=1>m=2oub90&z=257279659 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://vietroll.vn
Connection: keep-alive
Referer: https://vietroll.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://vietroll.vn
date: Thu, 17 Nov 2022 22:35:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vietroll.vn/?wc-ajax=get_refreshed_fragments
103.77.162.11200 OK 162 B URL HTTP/2 vietroll.vn/?wc-ajax=get_refreshed_fragments
IP 103.77.162.11:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5497cc2e771c14c8a41c10609d55d1ca
b78661198194154b5b320fd36e293cdbcd354aa5
db3ff9160f2b44a3e10bf09e9315196812e0b597215dfabc889f28ff8fe984e5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://vietroll.vn
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Cookie: pll_language=vi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
content-type: application/json; charset=UTF-8
cache-control: public, max-age=0
expires: Thu, 17 Nov 2022 22:35:04 GMT
content-length: 162
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
date: Thu, 17 Nov 2022 22:35:04 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
vietroll.vn/wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong-1-192x192.png
103.77.162.11200 OK 7.0 kB URL HTTP/2 vietroll.vn/wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong-1-192x192.png
IP 103.77.162.11:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a537f05bdc73ff4088fbc7d077429813
541c89091ae44a0acefd37fddb8ee8219f03115d
e03801205833368b920f319c76417b064ad543c7a81b1870d6330095420e9c7a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong-1-192x192.png HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Cookie: pll_language=vi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Fri, 17 Mar 2023 22:35:04 GMT
content-type: image/png
last-modified: Thu, 17 Feb 2022 07:23:41 GMT
accept-ranges: bytes
content-length: 7030
date: Thu, 17 Nov 2022 22:35:04 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2
vietroll.vn/wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong-1-32x32.png
103.77.162.11200 OK 831 B URL HTTP/2 vietroll.vn/wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong-1-32x32.png
IP 103.77.162.11:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b03d2356dc4400e3fbb08c909253d695
e8738224fcd82762c548df13d017daf3f8e4598f
5a3210f98bb33892fedc9ab09ea03b30f2fd7f4a425e1713a76632e75850d8d6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/02/cropped-cropped-vr-logo-vuong-1-32x32.png HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Cookie: pll_language=vi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=10368000,public
expires: Fri, 17 Mar 2023 22:35:04 GMT
content-type: image/png
last-modified: Thu, 17 Feb 2022 07:23:41 GMT
accept-ranges: bytes
content-length: 831
date: Thu, 17 Nov 2022 22:35:04 GMT
server: LiteSpeed
vary: Accept-Encoding
X-Firefox-Spdy: h2
contents.bownow.jp/js/UTC_d5375b33ce6ab13e65f1/trace.js
52.68.170.221200 OK 0 B URL HTTP/2 contents.bownow.jp/js/UTC_d5375b33ce6ab13e65f1/trace.js
IP 52.68.170.221:0
GET /js/UTC_d5375b33ce6ab13e65f1/trace.js HTTP/1.1
Host: contents.bownow.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 22:35:04 GMT
content-type: text/javascript; charset=utf-8
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"ebd8a6f22ad2dc8a255a63382563e014"
cache-control: max-age=0, private, must-revalidate
set-cookie: _bownow_locale=en; path=/; expires=Mon, 17 Nov 2042 22:35:04 GMT; secure; SameSite=None
x-request-id: cf619890-3e69-4405-9146-e6d1663c50a5
x-runtime: 0.007138
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
vietroll.vn/wp-content/k9tstiw1coskyjojxd
103.77.162.11404 Not Found 0 B URL HTTP/2 vietroll.vn/wp-content/k9tstiw1coskyjojxd
IP 103.77.162.11:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/k9tstiw1coskyjojxd HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vietroll.vn/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
date: Thu, 17 Nov 2022 22:35:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
contents.bownow.jp/forms/sid_f318237e10bc710d58d1/trace.js
52.68.170.221200 OK 0 B URL HTTP/2 contents.bownow.jp/forms/sid_f318237e10bc710d58d1/trace.js
IP 52.68.170.221:0
GET /forms/sid_f318237e10bc710d58d1/trace.js HTTP/1.1
Host: contents.bownow.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 17 Nov 2022 22:35:04 GMT
content-type: text/javascript; charset=utf-8
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"6da985ffb37e38e7c9d1fbef66d5f1d2"
cache-control: max-age=0, private, must-revalidate
set-cookie: _bownow_locale=en; path=/; expires=Mon, 17 Nov 2042 22:35:04 GMT; secure; SameSite=None
bownow_cid=bd64aac1-4160-4cff-a9f8-2b2f07f2fe3f; domain=bownow.jp; path=/; expires=Mon, 17 Nov 2042 22:35:04 GMT; secure; HttpOnly; SameSite=None
x-request-id: 8349e0ad-79e1-469d-b46f-6c40b1427be0
x-runtime: 0.007027
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
contents.bownow.jp/js/UTC_d5375b33ce6ab13e65f1/trace.js?referer=https%3A%2F%2Fvietroll.vn%2Fwp-content%2Fk9tstiw1coskyjojxd
52.68.170.221200 OK 0 B URL HTTP/2 contents.bownow.jp/js/UTC_d5375b33ce6ab13e65f1/trace.js?referer=https%3A%2F%2Fvietroll.vn%2Fwp-content%2Fk9tstiw1coskyjojxd
IP 52.68.170.221:0
GET /js/UTC_d5375b33ce6ab13e65f1/trace.js?referer=https%3A%2F%2Fvietroll.vn%2Fwp-content%2Fk9tstiw1coskyjojxd HTTP/1.1
Host: contents.bownow.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/
Cookie: _bownow_locale=en; bownow_cid=bd64aac1-4160-4cff-a9f8-2b2f07f2fe3f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 17 Nov 2022 22:35:04 GMT
content-type: text/javascript; charset=utf-8
server: nginx/1.20.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"85caf94ca82795ac08aa48ea8095a7e1"
cache-control: max-age=0, private, must-revalidate
set-cookie: _bownow_locale=en; path=/; expires=Mon, 17 Nov 2042 22:35:04 GMT; secure; SameSite=None
bownow_cid=bd64aac1-4160-4cff-a9f8-2b2f07f2fe3f; domain=bownow.jp; path=/; expires=Mon, 17 Nov 2042 22:35:04 GMT; secure; HttpOnly; SameSite=None
x-request-id: 061b64cb-853e-4fdc-b04e-8c11708b9059
x-runtime: 0.007036
strict-transport-security: max-age=63072000; includeSubDomains
X-Firefox-Spdy: h2
vietroll.vn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6
103.77.162.11200 OK 0 B URL HTTP/2 vietroll.vn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6
IP 103.77.162.11:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6 HTTP/1.1
Host: vietroll.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vietroll.vn/wp-content/k9tstiw1coskyjojxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000,public
expires: Fri, 17 Nov 2023 22:35:02 GMT
content-type: application/javascript
last-modified: Tue, 13 Apr 2021 04:44:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,Accept-Encoding
content-length: 89947
date: Thu, 17 Nov 2022 22:35:02 GMT
server: LiteSpeed
X-Firefox-Spdy: h2