r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6734
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 10:52:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4471
Expires: Mon, 30 Jan 2023 12:06:34 GMT
Date: Mon, 30 Jan 2023 10:52:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 10:35:42 GMT
content-type: application/json
age: 981
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10653
Expires: Mon, 30 Jan 2023 13:49:36 GMT
Date: Mon, 30 Jan 2023 10:52:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: G/znFtlKfzSVUPHHRX3CD9Smhz3aUEb63QE4+T2CvYEIZaF/ZXRNDGpg8w1RpoFwgntRUM0qsmU=
x-amz-request-id: BJENWBH4SDFZRZEK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 10:50:42 GMT
age: 81
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 10:52:03 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/
103.77.162.21 301 Moved Permanently 707 B URL HTTP/1.1 sieuthidienmayxanh24h.com/
IP 103.77.162.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 30 Jan 2023 10:52:02 GMT
server: LiteSpeed
location: https://sieuthidienmayxanh24h.com/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 10:49:04 GMT
age: 179
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5366
Expires: Mon, 30 Jan 2023 12:21:30 GMT
Date: Mon, 30 Jan 2023 10:52:04 GMT
Connection: keep-alive
push.services.mozilla.com/
35.83.202.51 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.202.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7dBVUUA2UVAqI9dJSfJ/mQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QPwlPCE0jFoKsVkUWpQSOG/3IeA=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14822
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 10:52:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14822
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 10:52:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14822
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 10:52:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 46796
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jdh2u-xrCjqq1SKWL7hCTqrlGRjbytuxecJS-cwiXb5FQypGKYbFzg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:35 GMT
age: 46590
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3uybP14DBtrEK8ieNWHaQfz3Zl_JMl0_L9CGZgcusTjVCFIIaTpwIQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 00:23:18 GMT
age: 37727
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or8AGZIZTzP_EuRHaCfCNrdPQIw2OQW37MKvOTFQIQgO0h18ct0-Xg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:10 GMT
age: 44275
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 46604
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f49153c1aade8aa30bc6c84db4fa09d7
5cce4e085c87e7fbe82907694a36a91cc1bc9bfc
3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6646
x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRsHiaIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lp-314neKbpq8Kr5i_4i0fsRDVAIruvwGr8gHq-x45yXJtbesqRAsA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 04:09:50 GMT
age: 24135
etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2
103.77.162.21 200 OK 1.2 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2
IP 103.77.162.21:0
File type ASCII text, with very long lines (5305), with no line terminators
Hash 8869d434cd2a3350017c5dddb6b6c624
218f6b304da36e0e5c1212e2b8afd934f2801a93
80727ae14af6bf4636a9455f87ce0e83429bacb577965aee4d0ce980759bf7e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1207
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
103.77.162.21 200 OK 11 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 103.77.162.21:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2
103.77.162.21 200 OK 19 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2
IP 103.77.162.21:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash d285250b94d00132e8cfc3bb85858079
9e6fda8841ec4f4cce0594dbb9fe997ffb0e837d
c5e17438991bdd2612f035d753537499dca2ca31919559af5ad05f6ed20db669
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18798
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
103.77.162.21 200 OK 4.6 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 103.77.162.21:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
103.77.162.21 200 OK 824 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP 103.77.162.21:0
Hash 269ed2215d4adf9265132f4135d49185
2e1bf415040627ed8041c1444de11034efe66f89
dad114286e260217aae476d3c4f7da41e7356438bb63a4e742787c6463e19963
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 824
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/kpoint-pro/public/css/style.css?ver=1.3
103.77.162.21 200 OK 650 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/kpoint-pro/public/css/style.css?ver=1.3
IP 103.77.162.21:0
Hash 3adbc7894824bf0244fb11b15d9cac5f
a46daa0e0e24506544b2c43889c4a37ba13ad97f
d06d01d050b5823a9e841bb8bacd345ed60481579bb996ce6b885ad580702335
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/kpoint-pro/public/css/style.css?ver=1.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 650
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/maxmegamenu/style.css?ver=bee96c
103.77.162.21 200 OK 14 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/maxmegamenu/style.css?ver=bee96c
IP 103.77.162.21:0
File type ASCII text, with very long lines (1050)
Hash 780f8d72ad28fb54a2b35833874d8176
ae38a8dc5190867edcedfd2ec56a0247a1c4d811
6c666dcdddd5e69299e2e16f18168eea4e67586f5e8d496e9756d4c2790d645b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/maxmegamenu/style.css?ver=bee96c HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14362
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
103.77.162.21 200 OK 141 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP 103.77.162.21:0
File type ASCII text, with very long lines (327)
Hash 4ee5c96ae0e578212794a5a5b7dc6fab
9c7c7c2b6352be1e9cc8aa054ddf0b44bcc86a3f
a9d6458355feb911cf0cb5783a1ea53434b9243008a77b73e026426a7727f8ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 141
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo.png
103.77.162.21 301 Moved Permanently 707 B URL HTTP/1.1 sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo.png
IP 103.77.162.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/DMX_Logo.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
location: https://sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo.png
sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo-1.png
103.77.162.21 301 Moved Permanently 707 B URL HTTP/1.1 sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo-1.png
IP 103.77.162.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/DMX_Logo-1.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
location: https://sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo-1.png
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.13.0
103.77.162.21 200 OK 5.2 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.13.0
IP 103.77.162.21:0
File type Unicode text, UTF-8 text, with very long lines (23758)
Hash 0e1413a2fc3d6d2a50a1eaa24ddf06f5
22f762f0e671db52b8d9b826bf96c64d7c68f2b7
40c0587083bd9816c6a60d2dbef360c980682767783a1dbb91ab8f3eb5a60c70
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.13.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5182
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/css/dashicons.min.css?ver=6.0.3
103.77.162.21 200 OK 35 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 103.77.162.21:0
File type ASCII text, with very long lines (58981)
Hash 54c5bfb8a890d87139d9abfe01662c83
f9eddf5b8a3269e6d6fa40b4f13083705e6267c6
9685e5cabe4efc8c85e986725af8009b306416aad3ecc9086ca5bb12b84ce4ef
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35110
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.77.162.21 200 OK 4.0 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.77.162.21:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome-child/script.js?ver=6.0.3
103.77.162.21 200 OK 1.3 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome-child/script.js?ver=6.0.3
IP 103.77.162.21:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (4107), with CRLF line terminators
Hash e717e7d5fd50651b7ee85873bde48fe4
4831303f66ef118a8faf9bbaf68250b4f6ede440
28873892f28f296b6be1c249389b7071c552906f4688f80512ff8fa255a74c77
GET /wp-content/themes/flatsome-child/script.js?ver=6.0.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1258
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.0
103.77.162.21 200 OK 30 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.0
IP 103.77.162.21:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b85f4166186d41fedd566555b9c6afce
71253c8d0082fd353a51b8c7746d201b071a56e5
1119a1d663ad77b690fdf14aa9633c9a3733fecd816b01b8ebb71e82f4184177
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.13.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29939
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome-child/style.css?ver=3.0
103.77.162.21 200 OK 22 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome-child/style.css?ver=3.0
IP 103.77.162.21:0
File type ASCII text, with very long lines (65324)
Hash fea5aef1c3ccdd91ad3d397e2d1259b7
722b04012549cc50b007ff4159c38aa59db8bd62
f68aaf3b89c666df269bf9838d20e84b81ec2f73b07da74369d463d446ebf93a
GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 11:18:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22280
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.77.162.21 200 OK 30 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.77.162.21:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:05 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo.png
103.77.162.21 200 OK 6.7 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo.png
IP 103.77.162.21:0
File type PNG image data, 520 x 99, 8-bit colormap, non-interlaced\012- data
Hash 1df1696dbde69dc796b5b6e95839ae9d
a7b4c8c988f9b7584e7bb6d4588467b4a67eecd4
c02a96bc20f226e8d76733e6dc13b09fef158754e6dc3c1361e9ec66019ddf29
GET /wp-content/uploads/DMX_Logo.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 05:15:48 GMT
accept-ranges: bytes
content-length: 6712
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo-1.png
103.77.162.21 200 OK 6.7 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/DMX_Logo-1.png
IP 103.77.162.21:0
File type PNG image data, 520 x 99, 8-bit colormap, non-interlaced\012- data
Hash 1df1696dbde69dc796b5b6e95839ae9d
a7b4c8c988f9b7584e7bb6d4588467b4a67eecd4
c02a96bc20f226e8d76733e6dc13b09fef158754e6dc3c1361e9ec66019ddf29
GET /wp-content/uploads/DMX_Logo-1.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 05:15:55 GMT
accept-ranges: bytes
content-length: 6712
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash 69ba194028576945cea8044388bda5ab
c173a44d058109bf62ad570928ffd2a1a9aaf49e
072865c88eef7c090e3ccb55e669da10e7e23956e40f1cc6bdf11c5d6ca3a2eb
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 10:52:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Fri, 03 Feb 2023 08:30:13 GMT
ETag: "c173a44d058109bf62ad570928ffd2a1a9aaf49e"
Last-Modified: Mon, 30 Jan 2023 08:30:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1457
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7919a804ede90b49-OSL
sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__2_-removebg-preview.png
103.77.162.21 301 Moved Permanently 707 B URL HTTP/1.1 sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__2_-removebg-preview.png
IP 103.77.162.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/Du_an_moi__2_-removebg-preview.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
location: https://sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__2_-removebg-preview.png
sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__1_-removebg-preview.png
103.77.162.21 301 Moved Permanently 707 B URL HTTP/1.1 sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__1_-removebg-preview.png
IP 103.77.162.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/Du_an_moi__1_-removebg-preview.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
location: https://sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__1_-removebg-preview.png
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/shortcodes/ux_countdown/ux-countdown.css?ver=6.0.3
103.77.162.21 200 OK 346 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/shortcodes/ux_countdown/ux-countdown.css?ver=6.0.3
IP 103.77.162.21:0
Hash 68efc565e7f0407170b093a61e9c6f28
53e87fdbc98422e582c9e87fc33321818c87384c
6c6aec80890a7d42a19974bc0b63ea66ce8ca057e2cf69c8a53519d1e094d2f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/inc/shortcodes/ux_countdown/ux-countdown.css?ver=6.0.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 05:30:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 346
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
103.77.162.21 200 OK 2.4 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 103.77.162.21:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.77.162.21 200 OK 6.9 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.77.162.21:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6872
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
103.77.162.21 200 OK 3.8 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP 103.77.162.21:0
File type ASCII text, with very long lines (12987), with no line terminators
Hash aeed4395ecf003f676da91a15c6f480a
7fd4fe08f1fe55d0da4e60dd49384b1fa31ab0fe
f5df04123f2022862a56b4a547cf4b0bebb54a6fc1dc6313c460f927d6902919
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3837
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/kpoint-pro/public/js/scripts.js?ver=1.3
103.77.162.21 200 OK 134 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/kpoint-pro/public/js/scripts.js?ver=1.3
IP 103.77.162.21:0
Hash 98d4323cb380c3d7b2a56f320c1de96f
f6d066779c9d1e551c665e256fdac18d72169f77
d4b2057dbaf08f2d77ff9b276abe63a98809e827bd0e528fea15baed7646bb7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/kpoint-pro/public/js/scripts.js?ver=1.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 134
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.7.1
103.77.162.21 200 OK 3.2 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.7.1
IP 103.77.162.21:0
File type ASCII text, with very long lines (9151)
Hash 2310bfbea6b102d98f1e6e5d2daa79cc
ce50a4b987aceea2ea381932bb41400c4909d0fb
8b34f97d2be93eb99e3316cdf266e6b4088e8e7c15d84906bb9263f8d5e3840c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.7.1 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3238
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.7.1
103.77.162.21 200 OK 970 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.7.1
IP 103.77.162.21:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.7.1 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 970
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.7.1
103.77.162.21 200 OK 677 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.7.1
IP 103.77.162.21:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.7.1 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.7.1
103.77.162.21 200 OK 899 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.7.1
IP 103.77.162.21:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.7.1 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.7.1
103.77.162.21 200 OK 934 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.7.1
IP 103.77.162.21:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash ef8ddf2830341f13634a12266fa9813f
45c12d8b054261b0597ffdb97ff55f8ab7a913c4
698fbd0089cafb0659518bf2359ce5c990e71c9a543338fdc7b1595ee11ade22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.7.1 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/
103.77.162.21 200 OK 36 kB URL HTTP/2 sieuthidienmayxanh24h.com/
IP 103.77.162.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash f43ee14c00bd7f2da51555cf6d8b01b3
a46fbb92899b0b0604aa6c7b6b3c832d46136bf9
19e95aba5ccfbb6530acaded1df2711a37148c84206b2d4b875d6984972fc607
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
x-pingback: https://sieuthidienmayxanh24h.com/xmlrpc.php
link: <https://sieuthidienmayxanh24h.com/wp-json/>; rel="https://api.w.org/", <https://sieuthidienmayxanh24h.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://sieuthidienmayxanh24h.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 10:52:05 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.0
103.77.162.21 200 OK 4.8 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.0
IP 103.77.162.21:0
File type ASCII text, with very long lines (12801)
Hash 70cbc7ebb657b8543e7a16850bd72f06
52f910087652491f0aed0d9c23029cf9cde73e25
e001ff5cf15b6ba1d367f441370a2fad7baab087af21c7a22d009ddce1ca342b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4815
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
103.77.162.21 200 OK 668 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 103.77.162.21:0
File type ASCII text, with very long lines (1464)
Hash b57bb5f7f55be8837811df1bbfebd197
a9fd3372526724938daa13cba926cff79395cbae
26512154e931a4b5441386af49e0e6d93a298ec6ae9ce2088d292cba42d61c7c
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 668
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.0
103.77.162.21 200 OK 44 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.0
IP 103.77.162.21:0
File type ASCII text, with very long lines (21487)
Hash 017892fab29193801af870c0437a4a68
bef2a253f72e85d8d191e35f5d8c4ca7290c6bfd
541493fda4aa895d5f2b1caa75a2a3638289dfdc18b23d7054ae76aa3fd6afe4
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 43786
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.13.0
103.77.162.21 200 OK 4.7 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.13.0
IP 103.77.162.21:0
File type HTML document, ASCII text, with very long lines (8672)
Hash 9f5aea503101342e81b909cfc6a1c43f
1c2a0b45470d435f55a8c1dbf64077143c9d0434
58da20daef6b7cf5c4dea080c4b51398887bd5cd39de47e64c8a5c5ed56ea538
GET /wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.13.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:39 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4683
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.13.0
103.77.162.21 200 OK 535 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.13.0
IP 103.77.162.21:0
Hash fed5caede1ae1c6f49eba8d00729bcbf
fb1fa82a95d496cb8472be3e7a7e460ba30578e9
67813436388ff31fb6e9f252dfe4117d96f457450d5bd925c457da669075035a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.13.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 535
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4
103.77.162.21 200 OK 4.7 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4
IP 103.77.162.21:0
File type ASCII text, with very long lines (315)
Hash 67ba3d7d77a3cbbb880ed4ae95eb3d0e
b7a8de2ec33ff721b8b552c2b1dfdcc812078849
44a24ce84dcbaf6154dc356d796d2c9650c0c14a0925dbb1fbda98e857c70717
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4673
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.1.2
103.77.162.21 200 OK 3.6 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.1.2
IP 103.77.162.21:0
Hash 284f42b9d3fc7250af841b1694588cb9
34b08a5ffdc1bce8bab49ad62b1ec2d971d001ca
ef4bddc60c46a287575b105c5affe2a0c830c802afba3f5e7af36fab09bb9943
GET /wp-content/plugins/megamenu-pro/assets/public.js?ver=2.1.2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3601
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/shortcodes/ux_countdown/countdown-script-min.js?ver=6.0.3
103.77.162.21 200 OK 1.5 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/shortcodes/ux_countdown/countdown-script-min.js?ver=6.0.3
IP 103.77.162.21:0
File type ASCII text, with very long lines (3854)
Hash ea50d414e0df65c8696bf89fba1e01b0
8cb76a0356d65c863fd75385ae3d37f57fa638b7
c01c03354f7fed7436e58e24143902e754f84d2852e7af6fa8d04cad12ae1d24
GET /wp-content/themes/flatsome/inc/shortcodes/ux_countdown/countdown-script-min.js?ver=6.0.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1547
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/shortcodes/ux_countdown/ux-countdown.js?ver=3.2.6
103.77.162.21 200 OK 522 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/inc/shortcodes/ux_countdown/ux-countdown.js?ver=3.2.6
IP 103.77.162.21:0
Hash 2c3f0e57c0dd451481d4a4faf35e3933
64425bfee7f6f9f219ce13f18b7fb295518d4b15
ae2fbda60d4a434dbedd35583d0566627b67ab5dbf1871a5da3e7a0aeff7044e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/inc/shortcodes/ux_countdown/ux-countdown.js?ver=3.2.6 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:06 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 522
date: Mon, 30 Jan 2023 10:52:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
103.77.162.21 200 OK 3.7 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 103.77.162.21:0
Hash f778ade6a70be55cbf039cfafb20fa7f
68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5
88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
103.77.162.21 200 OK 6.5 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
IP 103.77.162.21:0
File type Web Open Font Format (Version 2), TrueType, length 6536, version 1.0\012- data
Hash 21c4c69602dadee988f10c502b44d1c1
7d28ed1775492300f859296ef85ce371c26a6ff3
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: font/woff2
last-modified: Sat, 30 Jul 2022 05:30:39 GMT
accept-ranges: bytes
content-length: 6536
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
103.77.162.21 200 OK 1.6 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 103.77.162.21:0
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/icon-labelgiamsoc.png
103.77.162.21 200 OK 1.2 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/icon-labelgiamsoc.png
IP 103.77.162.21:0
File type PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash b7fcda87e4bebfb16c6b4c0c49bed650
1e7ef7b53f96be66381e7cc2cb7f43b07baf4436
5f9facf3f83edea10a29ef8994d5c45e5b57bccd872c056233724b303c2633fc
GET /wp-content/uploads/icon-labelgiamsoc.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/wp-content/themes/flatsome-child/style.css?ver=3.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: image/png
last-modified: Sat, 30 Jul 2022 05:30:16 GMT
accept-ranges: bytes
content-length: 1246
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
103.77.162.21 200 OK 187 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP 103.77.162.21:0
File type ASCII text, with very long lines (316)
Hash 05220058c8e24882d9da5d093ad09468
d929457b4938731bc727e3f28ef02de3e55744fd
b89db9eb4b24c52ae0456641dcff62465edebecc82769edb015cbe71c214d4a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: application/javascript
last-modified: Tue, 23 Feb 2021 16:45:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 187
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-admin/js/password-strength-meter.min.js?ver=6.0.3
103.77.162.21 200 OK 558 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-admin/js/password-strength-meter.min.js?ver=6.0.3
IP 103.77.162.21:0
File type ASCII text, with very long lines (1088)
Hash 83a4679bd25c92bc2a1ff9c128ef29ba
3fdb33b26d20696ef72f873af6d9d07a820ec54a
beff217915512e7274ad5e7d649efdcd2c35ea3cca254717e2433c5dc71a7bb7
GET /wp-admin/js/password-strength-meter.min.js?ver=6.0.3 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: application/javascript
last-modified: Fri, 22 Jan 2021 12:32:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 558
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=5.7.1
103.77.162.21 200 OK 703 B URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=5.7.1
IP 103.77.162.21:0
File type ASCII text, with very long lines (2030), with no line terminators
Hash 690b1ba47061509e2d8241962096ba56
ea60ec1b6f5e920b379b5ee933532933f1ac08fc
311586d0faa230bc71c796155b2ad60625372e80ca24b83ee661d9171a57d9b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=5.7.1 HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 05:30:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 703
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__2_-removebg-preview.png
103.77.162.21 200 OK 135 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__2_-removebg-preview.png
IP 103.77.162.21:0
File type PNG image data, 259 x 711, 8-bit/color RGBA, non-interlaced\012- data
Size 135 kB (134840 bytes)
Hash 087b5d7e90d37567768192987d9d40c9
79daa36bdca70b78d678832a9d7671207b54456b
bad9b469795dac8c0ce43b8810eecd04a0b1733b7cfef407ea24527c0b4a88bd
GET /wp-content/uploads/Du_an_moi__2_-removebg-preview.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 04:53:28 GMT
accept-ranges: bytes
content-length: 134840
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/favicon.ico
103.77.162.21 200 OK 2.4 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/favicon.ico
IP 103.77.162.21:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash e8e2f13615e0bbf0f3bd77069690e58f
923bf83877a00d819a17d6bd95535e4c9862e408
0b39f41292bd9e536afa0c1fed3d53df4467c2838072c8a7289024aaf01fc323
GET /wp-content/uploads/favicon.ico HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: image/x-icon
last-modified: Sat, 30 Jul 2022 05:30:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2409
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/Frame-232388-100x100-1.png
103.77.162.21 200 OK 20 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/Frame-232388-100x100-1.png
IP 103.77.162.21:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 56c4a5d54d82b6c8c85a5f1f0073c701
70dd63abbfd6ccbfe393def0c69b410135d7683c
031c9a7d92e7e26f6b1f5250a61c9f0f2be022c318cce7d35c4fda9edc1b87f7
GET /wp-content/uploads/Frame-232388-100x100-1.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 06:23:16 GMT
accept-ranges: bytes
content-length: 19759
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/icon-DMX-OF-100x100-1.gif
103.77.162.21 200 OK 109 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/icon-DMX-OF-100x100-1.gif
IP 103.77.162.21:0
File type GIF image data, version 89a, 100 x 100\012- data
Size 109 kB (109096 bytes)
Hash b5d9417e91cdc8b9d514f6eb45881c76
9e26331b2c0edaeff385cf5402b74b1af2e8010a
6512ea1ee5e2b56785f809d1435def319a056c25d9ba055284995d804446e331
GET /wp-content/uploads/icon-DMX-OF-100x100-1.gif HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/gif
last-modified: Thu, 26 Jan 2023 06:30:32 GMT
accept-ranges: bytes
content-length: 109096
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__1_-removebg-preview.png
103.77.162.21 200 OK 41 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/Du_an_moi__1_-removebg-preview.png
IP 103.77.162.21:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 25d82c53269cd8c3a4d6457002a7df8a
8c2676f38009ddf2fe0964f7c18c4184602f1fdb
56a85063bd07810395dca21300397abaab8ee7b9ad94c642d97ca7bb2485cf59
GET /wp-content/uploads/Du_an_moi__1_-removebg-preview.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:07 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 04:50:10 GMT
accept-ranges: bytes
content-length: 122897
date: Mon, 30 Jan 2023 10:52:07 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/720x220-5-720x220-1.webp
103.77.162.21 200 OK 37 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/720x220-5-720x220-1.webp
IP 103.77.162.21:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 79b47a8a2ddd1e3141e4ff09107a179b
1b7981035c331249f04672f95f6d4e44f4bef244
41aeb5a7f4351fd51d5e7b73f79a1b4e891060422ecd2ff55077891e033d59dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/720x220-5-720x220-1.webp HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/webp
last-modified: Thu, 26 Jan 2023 06:08:39 GMT
accept-ranges: bytes
content-length: 37272
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/mhd-1920x650-6-1024x347.png
103.77.162.21 200 OK 361 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/mhd-1920x650-6-1024x347.png
IP 103.77.162.21:0
File type PNG image data, 1024 x 347, 8-bit/color RGBA, non-interlaced\012- data
Size 361 kB (360562 bytes)
Hash 4a14e75c26549a765d406da2c0972f9e
c58f05b6daabd9aae2aff40be271067475dc8973
eb9f82e6969480b31467571fde956810c8cc978d82b4ba06103522633cb3fa40
GET /wp-content/uploads/mhd-1920x650-6-1024x347.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 05:27:32 GMT
accept-ranges: bytes
content-length: 360562
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/720-220-720x220-269.webp
103.77.162.21 200 OK 47 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/720-220-720x220-269.webp
IP 103.77.162.21:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash bbcf2fecc6b5c0e47e9d709bf20320c9
102a115cf60259d8b899b55735affcb819c8148d
b6efecd1d13dfc1a5fa32ca3a6f9cd5a0d4faa155fb9cba815ad23b5a94a36bc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/720-220-720x220-269.webp HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/webp
last-modified: Thu, 26 Jan 2023 05:30:08 GMT
accept-ranges: bytes
content-length: 46878
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/720x220-720x220-29.png
103.77.162.21 200 OK 59 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/720x220-720x220-29.png
IP 103.77.162.21:0
File type PNG image data, 720 x 220, 8-bit colormap, non-interlaced\012- data
Hash MD5 21165e7aaaf7974eee182f4008ad4cbd
SHA1 0a12830bd810ff5fa37e482f5e7e60589667a96d
SHA256 f6dd7e6976b43d0ef597f7c3f6370eefc20b4f18b4ab39631134a9e099b6711f
GET /wp-content/uploads/720x220-720x220-29.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 06:08:15 GMT
accept-ranges: bytes
content-length: 58552
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/bg-danh-muc-desktop.png
103.77.162.21 200 OK 15 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/bg-danh-muc-desktop.png
IP 103.77.162.21:0
File type PNG image data, 580 x 200, 8-bit colormap, non-interlaced\012- data
Hash MD5 66b50f2a5b7d108d489541629a22790b
SHA1 901f144042cc601f8c2e7c90087bb5e25de8a229
SHA256 c880e3658a1f6beb9cd43f0a776fb915cd6a9f8480cd3a824f47ac5107cb350c
GET /wp-content/uploads/bg-danh-muc-desktop.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 06:21:14 GMT
accept-ranges: bytes
content-length: 14956
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/iCOnXD-150x150-1.png
103.77.162.21 200 OK 16 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/iCOnXD-150x150-1.png
IP 103.77.162.21:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5 7dc35994eb152b87c372e068a66cab35
SHA1 9230e33011470f371cbbf09a41676ce8d10b16b1
SHA256 967518d90d3ee97d9a7d3d709db0d4f97796a4dbcda898f6e938e0c6c9c3990a
GET /wp-content/uploads/iCOnXD-150x150-1.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 06:24:59 GMT
accept-ranges: bytes
content-length: 16441
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/Untitled-1-1-150x150-150x150-1.png
103.77.162.21 200 OK 28 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/Untitled-1-1-150x150-150x150-1.png
IP 103.77.162.21:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5 fb8522974f5cbca023be2c02c141dcca
SHA1 b77b90651b52bf9208eacba00bb9f7a141c44c5b
SHA256 959737b322f98a09658c2c49237a16f4127a8de5dfd640f85f737a2e69bed478
GET /wp-content/uploads/Untitled-1-1-150x150-150x150-1.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/png
last-modified: Thu, 26 Jan 2023 06:28:45 GMT
accept-ranges: bytes
content-length: 27482
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/Deal-ngon-1200x120-1-1024x102.png
103.77.162.21 200 OK 128 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/Deal-ngon-1200x120-1-1024x102.png
IP 103.77.162.21:0
File type PNG image data, 1024 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size 128 kB (128266 bytes)
Hash MD5 0cfa8ded2d9df6b96afb3844776cc1f0
SHA1 8f79e8ad52ca55618f991294ba17001e942cc86b
SHA256 71823ec7bdf62d2e32fc112dc88ce887b7647aa2c2b094c70e8c735890f0f414
GET /wp-content/uploads/Deal-ngon-1200x120-1-1024x102.png HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:08 GMT
content-type: image/png
last-modified: Thu, 06 Oct 2022 09:24:39 GMT
accept-ranges: bytes
content-length: 128266
date: Mon, 30 Jan 2023 10:52:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
cdn.tgdd.vn/2023/01/banner/1200-44-1200x44-1.png
103.48.78.149 200 OK 74 kB URL HTTP/2 cdn.tgdd.vn/2023/01/banner/1200-44-1200x44-1.png
IP 103.48.78.149:0
ASN #131425 The gioi di dong jsc
File type PNG image data, 1200 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5 72c7251258948ec85269319688546751
SHA1 1fa14d9067f0019e418819de5259c93cd12dd211
SHA256 fac1833c40f8f3df6b3e241e7202011fe5cfb2c63ebc9d27cccd982ef4af3636
GET /2023/01/banner/1200-44-1200x44-1.png HTTP/1.1
Host: cdn.tgdd.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 10:52:09 GMT
content-type: image/png
content-length: 74049
last-modified: Sat, 07 Jan 2023 04:35:24 GMT
expires: Tue, 30 Jan 2024 10:52:09 GMT
x-be: 2111
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
x-fe: VD-57 HIT
accept-ranges: bytes
x-via: cdn-ha-vdc46/c57
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS, POST, PUT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/?wc-ajax=get_refreshed_fragments
103.77.162.21 200 OK 378 B URL HTTP/2 sieuthidienmayxanh24h.com/?wc-ajax=get_refreshed_fragments
IP 103.77.162.21:0
File type JSON data\012- , ASCII text, with very long lines (826), with no line terminators
Hash MD5 1e1aee7d8c9fa15474a65a67ee4499a5
SHA1 5d68772cb5f0853d605a1b3fcfd593042679c501
SHA256 f86b3a6fbc7f9decb4bac32e902e55c314762d1b7b98a4e71ded6525e11a9607
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://sieuthidienmayxanh24h.com
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
x-pingback: https://sieuthidienmayxanh24h.com/xmlrpc.php
access-control-allow-origin: https://sieuthidienmayxanh24h.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 378
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 10:52:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-includes/js/zxcvbn.min.js
103.77.162.21 200 OK 390 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-includes/js/zxcvbn.min.js
IP 103.77.162.21:0
File type ASCII text, with very long lines (53869)
Size 390 kB (389493 bytes)
Hash MD5 36f4516929e4c88ccba7cb4f77b893ad
SHA1 93aa274a988392bdc41e87e925f9ef57c23ed94c
SHA256 99f3e5b30ab4f620db3328e435f45aab7bbd5743b02bf3d97c5c164d8f49068c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/zxcvbn.min.js HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:09 GMT
content-type: application/javascript
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 389493
date: Mon, 30 Jan 2023 10:52:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
sieuthidienmayxanh24h.com/wp-content/uploads/720-220-new-720x220-3.webp
103.77.162.21 200 OK 59 kB URL HTTP/2 sieuthidienmayxanh24h.com/wp-content/uploads/720-220-new-720x220-3.webp
IP 103.77.162.21:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash MD5 63ebb4f38d92f2012bb3bb3f061283ad
SHA1 4b212760be216158edd6b869c3d69312f04cbbc7
SHA256 f75e7e6a20494fc5af9cd28ca4e99dee8164c311901aaa2a4438f6dc58fdd88c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/720-220-new-720x220-3.webp HTTP/1.1
Host: sieuthidienmayxanh24h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sieuthidienmayxanh24h.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 06 Feb 2023 10:52:10 GMT
content-type: image/webp
last-modified: Thu, 26 Jan 2023 05:30:38 GMT
accept-ranges: bytes
content-length: 59064
date: Mon, 30 Jan 2023 10:52:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5 8fce79ef35b4c943c2b60d5092d17b6f
SHA1 d29ce982633d0cc50b2a968ea22893d92b9663e3
SHA256 297e951e4ab09c3465deb222cbe8f66579f9154d4e8806eec3a52350e577fded
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb138c2a-a013-4652-92e0-920b0ab6d6fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5934
x-amzn-requestid: 75aeb64a-1ba1-4349-84f3-b94aabeccc9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFUMIAMF3nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-56d6fb7b337769986c5c567b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RKiUEsflAz1PfeT8AvkmfNGxTkGO_0Ajo5hgnRIvo0qdiVUA0wD46Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:34:18 GMT
age: 44274
etag: "d29ce982633d0cc50b2a968ea22893d92b9663e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2