r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11851
Expires: Sat, 12 Nov 2022 03:29:12 GMT
Date: Sat, 12 Nov 2022 00:11:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5052
Cache-Control: max-age=128638
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:41 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:55:39 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5707
Expires: Sat, 12 Nov 2022 01:46:49 GMT
Date: Sat, 12 Nov 2022 00:11:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 11 Nov 2022 23:44:06 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1656
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uLC8WbK8zn1x465KYt1o4TXppxXjss3W3oJUVwYaIGEV7FI/loxAWzuHztU4whP4niT9sc5jitA=
x-amz-request-id: 6SJJ2GVTE8BAEB92
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 11 Nov 2022 23:12:45 GMT
age: 3537
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 11 Nov 2022 23:24:58 GMT
cache-control: public,max-age=3600
age: 2804
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6000
Cache-Control: max-age=124510
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:42 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:46:52 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
gre.com.vn/
112.78.1.150 301 Moved Permanently 0 B IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Nov 2022 00:11:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.5
X-Redirect-By: WordPress
Set-Cookie: anspress_session=af4d2de8d165a0ca86e829ffe82daf92; expires=Sun, 13-Nov-2022 00:11:42 GMT; Max-Age=86400; path=/
Location: https://gre.com.vn/
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z3ooRNokwYkDCDGOBO5bQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EmMRFlgaD5ybc4/gPvqbbmtNSd0=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9061da940bd3c7371ccdc29b45f426e
f4c18ae8d86013b6d4d104837b40420425993ab7
fcf4df46a5a90b160d3afab5a9535ed6cc600118561fcdbf413d7e0388c3e7a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCF4DF46A5A90B160D3AFAB5A9535ED6CC600118561FCDBF413D7E0388C3E7A0"
Last-Modified: Sat, 12 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Sat, 12 Nov 2022 06:11:13 GMT
Date: Sat, 12 Nov 2022 00:11:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6035
Expires: Sat, 12 Nov 2022 01:52:18 GMT
Date: Sat, 12 Nov 2022 00:11:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6035
Expires: Sat, 12 Nov 2022 01:52:18 GMT
Date: Sat, 12 Nov 2022 00:11:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6035
Expires: Sat, 12 Nov 2022 01:52:18 GMT
Date: Sat, 12 Nov 2022 00:11:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6035
Expires: Sat, 12 Nov 2022 01:52:18 GMT
Date: Sat, 12 Nov 2022 00:11:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6035
Expires: Sat, 12 Nov 2022 01:52:18 GMT
Date: Sat, 12 Nov 2022 00:11:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13fa5c30-6136-43f2-a03b-10bef31fb9ca.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13fa5c30-6136-43f2-a03b-10bef31fb9ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50fc8e620dd1609bd5551d3cc883bc7
2e7020da5b16b5a4b70a770e5c86d31cdbbb437c
dee271c7472440f751722b893089188cc500182616cb4e4ad08f4501285e0423
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13fa5c30-6136-43f2-a03b-10bef31fb9ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7278
x-amzn-requestid: 9a988a74-3789-40df-b9b9-bcb632980fef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQE6toAMF30A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-01b8f9bc4195e9f93cb981c2;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vYuFeHSmK1D69xL5Av9ypAcZvBDfseQ64oYBtUqGpruzz9Q5-15LvA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:46 GMT
age: 8757
etag: "2e7020da5b16b5a4b70a770e5c86d31cdbbb437c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5eW92D8SbFtcQLk-LRSaSKNMNFYCW7XTALdNdrJxN6ebgdH8_1Dw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 8928
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93b7017621a1a6181f14a2f125a1ad50
ab420d5a89044e863e543330e00aa00f12f1c490
da668278aacf51a38a1aaf687f3baf938dd288cf90ec791533c92e61ba716ed2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cabc8a-e59f-4a5a-9daf-efc2f08dd558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8188
x-amzn-requestid: 27e084b6-0fc0-4398-a591-8317e81b96c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMiTFvJoAMF4gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec141-33db0c401d7e5c1721b4365d;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KMTguT6aLQkl8gSXjZqn0zE6lbxKg2YAJHhhlRWh-rlpq7mrl-nEiw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:44:57 GMT
age: 8806
etag: "ab420d5a89044e863e543330e00aa00f12f1c490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 701700f42e1b0e528a63c3bd2a4c54e7
a3af603900538ea10e094981d298a0b37d0ab896
c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RPDkAR4fjBR89lWuee42HxnCGQv_vd6tWbOavmEsGCkZeKwjW_99Dg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:44:57 GMT
age: 8806
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93d01c3c2422df3f7994d3496069dc37
96a4243e7f538fdd4e0aec4f39b058a08a4898e9
1fbc7efb3dfb058984abf1fbe60021212ff1bca8e366f03b1752c615e5249e55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7493
x-amzn-requestid: 077e815e-bbfc-472c-9d22-a9f0e7cda511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNDhGYvIAMFygQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec216-3a8a5a6f41b8ade53ff48dce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:50 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OLdVee-O7P-RLfbeaNBvTK8UX-hcx51-athqqaRuIzrtlIAPxw3BPg==
via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:37 GMT
age: 7866
etag: "96a4243e7f538fdd4e0aec4f39b058a08a4898e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F292d386e-36b4-4614-bebd-2fe9361cfd1d.webp
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F292d386e-36b4-4614-bebd-2fe9361cfd1d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e83775b8f2c36b850c9d82a13ed2a2a
784ce1f6b6aea8fdf1fab68595ae2617318036d6
8ccec617059cbb0ecf2bc4d4ea6734b1427e169ccb57547a1e04f67a23321751
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F292d386e-36b4-4614-bebd-2fe9361cfd1d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12114
x-amzn-requestid: f30767b8-93f7-4ba5-8e36-252bbacaaf22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM6-EBMoAMF_Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-7272e2a57ea9295b3c2429d7;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e-KN8k5ImyNWZ8tTxFqS0RncJXMslQs4UzXDtacRUiZJtvxSdtBxng==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:01:45 GMT
age: 7798
etag: "784ce1f6b6aea8fdf1fab68595ae2617318036d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gre.com.vn/
112.78.1.150 200 OK 19 kB IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 24d1d10369cd1d02dfb8c0d60404400c
67d49639e6803b5ec330167a6e232275aef664ca
23e469a09bece2cfb30c5c207a2d84c7bc117c8b3f1bbaf2bd82f9617062af2f
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/html; charset=UTF-8
content-length: 19323
x-powered-by: PHP/7.3.5
link: <https://gre.com.vn/wp-json/>; rel="https://api.w.org/", <https://gre.com.vn/wp-json/wp/v2/pages/2309>; rel="alternate"; type="application/json", <https://gre.com.vn/>; rel=shortlink
set-cookie: anspress_session=84fd732cccfba2d20162a73359b9c613; expires=Sun, 13-Nov-2022 00:11:43 GMT; Max-Age=86400; path=/
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?key=AIzaSyBP7DGQ8Mj_Sb2A9tVW7edZ9fLL8hCVM6E&ver=1668211903
142.250.74.10 200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyBP7DGQ8Mj_Sb2A9tVW7edZ9fLL8hCVM6E&ver=1668211903
IP 142.250.74.10:0
File type ASCII text, with very long lines (2459)
Hash 85cb36dec93a93b74e9e2c2380597a20
6f78614032863a52ab3d06fc0289833146ca5311
a20685318fe32f343de325802b538b7c72ba6b3f259929134a7d7c44f11da848
GET /maps/api/js?key=AIzaSyBP7DGQ8Mj_Sb2A9tVW7edZ9fLL8hCVM6E&ver=1668211903 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sat, 12 Nov 2022 00:11:44 GMT
expires: Sat, 12 Nov 2022 00:41:44 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53393
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 06d7d61a20669050493c3fd5d2b9798e
5d2d51f23582ef785072cdd0ca9ccf859b563b2d
653662665ea3298734fa313f693216a3932a64ac2903986d7415f60f97bcf27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gre.com.vn/wp-content/plugins/anspress-question-answer/templates/css/fonts.css?ver=4.3.0
112.78.1.150 200 OK 3.5 kB URL HTTP/2 gre.com.vn/wp-content/plugins/anspress-question-answer/templates/css/fonts.css?ver=4.3.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Unicode text, UTF-8 (with BOM) text, with very long lines (3369)
Hash 1062b904291e193116acf9efc62bacce
e410e07946140671f14184602fe2818761c99da1
dc4eb4fa9e7e85bf4762fcff65a3d657048d7907500867387cdad21515728328
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/anspress-question-answer/templates/css/fonts.css?ver=4.3.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 3527
last-modified: Sat, 23 Jul 2022 02:19:25 GMT
etag: "62db5aad-dc7"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/anspress-question-answer/templates/css/main.css?ver=4.3.0
112.78.1.150 200 OK 76 kB URL HTTP/2 gre.com.vn/wp-content/plugins/anspress-question-answer/templates/css/main.css?ver=4.3.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8527763c6e3d3b75f539da2d16f6ecf1
f375c9a211f7c8d33a60291685e8e339d194f6f5
9ecb7e6e6cbdc850a3ef8e0cfcef31e5a5e9d6d54399190f3634d25c0fb19a0e
GET /wp-content/plugins/anspress-question-answer/templates/css/main.css?ver=4.3.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 75894
last-modified: Sat, 23 Jul 2022 02:19:25 GMT
etag: "62db5aad-12876"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/anspress-question-answer/templates/css/overrides.css?v=4.3.0&ver=4.3.0
112.78.1.150 200 OK 0 B URL HTTP/2 gre.com.vn/wp-content/plugins/anspress-question-answer/templates/css/overrides.css?v=4.3.0&ver=4.3.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/anspress-question-answer/templates/css/overrides.css?v=4.3.0&ver=4.3.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 0
x-accel-version: 0.01
last-modified: Sat, 23 Jul 2022 02:19:25 GMT
etag: "0-5e46f945a4540"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.6
112.78.1.150 200 OK 24 kB URL HTTP/2 gre.com.vn/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.6
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (24504)
Hash 7c073b910d79ad465dcfd1894caef986
526c28d076c1aaae387cdbbf04cb2e64b13b29ab
2428388ee7fb9c89fdfd1191a1fb4a45794d7fd64777ecfd9bc4c06052a17522
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.6 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 24505
last-modified: Thu, 21 Jul 2022 08:21:48 GMT
etag: "62d90c9c-5fb9"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/select2.min.css?ver=1668211903
112.78.1.150 200 OK 15 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/select2.min.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (15090), with CRLF line terminators
Hash af19a4367b2194bffa202ad6b91f85fb
11412c40a2d2093b310b6083b96af33bd20ce493
87a3fe035dc2a0c445eb9e792edb0de70ddb9417d4d82ff253015fa847ecb52c
GET /wp-content/themes/splash/assets/css/select2.min.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 15092
last-modified: Tue, 09 Jun 2020 09:32:00 GMT
etag: "5edf5710-3af4"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/owl.carousel.css?ver=1668211903
112.78.1.150 200 OK 4.8 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/owl.carousel.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash d48cad87ce04970f9a2ed80f2ed2285d
d2ec5b795a3f70ed6cd421554bf0ab3ab1b11cf0
a8fafb3979cb206518537bbd02e5cdaa78a1808b6e58ab8e7cf7941d0b7b344e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/owl.carousel.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 4830
last-modified: Tue, 09 Jun 2020 09:32:00 GMT
etag: "5edf5710-12de"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/font-awesome.min.css?ver=1668211903
112.78.1.150 200 OK 31 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/font-awesome.min.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (30909), with CRLF line terminators
Hash 8d42434f0165da42899648f91f192722
1f15f52c09e82d126c03bfb0c013e973f4958021
7308428f1f0064573f2644aec33aea3312c2701204eeab10564624242ef2787f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/font-awesome.min.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 31076
last-modified: Tue, 09 Jun 2020 09:32:00 GMT
etag: "5edf5710-7964"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.6.0
112.78.1.150 200 OK 34 kB URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (34217)
Hash ffb96099720dde6483d7cab290c543ee
1a6ece8eee36923d795cdf78674b47e7f1b8e94f
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 34399
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "62d90c89-865f"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.6.0
112.78.1.150 200 OK 56 kB URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (56243)
Hash f7409f91a34ea35236d98702f4e69f4c
3a3c16cbb1114f8e210b87cf3102a99968bf6a26
04950e48cd4097fb4a540c3abcf445cd92d59bdf9ba40f49cfb180cc94387a2f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 56425
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "62d90c89-dc69"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/bootstrap.min.css?ver=1668211903
112.78.1.150 200 OK 121 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/bootstrap.min.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 121 kB (121257 bytes)
Hash 6a207807ca522faf1648932b44dfb695
1ae2e2b4b19649202abeae802f35dbb328482ab6
9c9fd59b503fe1ba24e0933b2352c9f675a321cf367bb8342c7e9196e8284e80
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/bootstrap.min.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 121257
last-modified: Tue, 09 Jun 2020 09:32:00 GMT
etag: "5edf5710-1d9a9"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/jquery.fancybox.css?ver=1668211903
112.78.1.150 200 OK 5.3 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/jquery.fancybox.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash 678590b3df3abbce815a0bf3b23cfd8c
dcf267a0ae755b6982765030676218c674c8fe7a
f07511e6a8444cb26fa3d57f1abba880d6d2795df092eb70b3f851570bd5bad9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/jquery.fancybox.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 5282
last-modified: Tue, 09 Jun 2020 09:32:00 GMT
etag: "5edf5710-14a2"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/lightbox.css?ver=1668211903
112.78.1.150 200 OK 4.1 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/lightbox.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash 53846f325f2e446382ae390f3f3a55ff
c41a7a4e65e2901392f5a1e62a4d2e2af86d2b29
5d0a8106e2ef49f987b646f846578ae66cd485283ed7531820ac19806e527301
GET /wp-content/themes/splash/assets/css/lightbox.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 4120
last-modified: Tue, 09 Jun 2020 09:32:00 GMT
etag: "5edf5710-1018"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/splash-icons.css?ver=1668211903
112.78.1.150 200 OK 4.7 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/splash-icons.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash e79fa18089774d120d7943ea80bb5bc8
d3ce566f2d8052756af9b58b97b2304dd569cc7b
c21fa9662ee1c73411982d978db65e7e4bcf4c3e071fe151c96f7e42f0acdf29
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/splash-icons.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 4683
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-124b"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/style.css?ver=1668211903
112.78.1.150 200 OK 11 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/style.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash 5afa069bb77876b5dc101ca453772d7a
59e37095914ac311fbd91e887a5a2ec89115dbd3
cac7288149059abe7ab488970924a8ad18543879d8e2520a2a7cf968e42f31d4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/style.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 10831
last-modified: Tue, 09 Jun 2020 11:38:35 GMT
etag: "5edf74bb-2a4f"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3
112.78.1.150 200 OK 4.9 kB URL HTTP/2 gre.com.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.8.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 4933
last-modified: Thu, 21 Jul 2022 08:22:20 GMT
etag: "62d90cbc-1345"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
112.78.1.150 200 OK 2.7 kB URL HTTP/2 gre.com.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 2731
last-modified: Thu, 21 Jul 2022 08:21:39 GMT
etag: "62d90c93-aab"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/sportspress/assets/css/icons.css?ver=2.7
112.78.1.150 200 OK 2.5 kB URL HTTP/2 gre.com.vn/wp-content/plugins/sportspress/assets/css/icons.css?ver=2.7
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash de38c3656cac28df84c808564e07c7f2
37a3b9d1cd375c3b8e1f9c503abf7dd5c662e01c
1499434474341ae6bea12a035804abdcfe3ba63fce3eeda8b4a61a88a82e0d80
GET /wp-content/plugins/sportspress/assets/css/icons.css?ver=2.7 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 2532
last-modified: Thu, 21 Jul 2022 08:21:26 GMT
etag: "62d90c86-9e4"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash-child/style.css?ver=6.0.3
112.78.1.150 200 OK 500 B URL HTTP/2 gre.com.vn/wp-content/themes/splash-child/style.css?ver=6.0.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF, LF line terminators
Hash 3115b10ae790c3352b1125faaf8fbed4
b12ae920448877b8777aaeaf83efc3c7cade5d7e
a9be8a4b5cb75e42e4559be65153fe2d9494e6c8b5ed0a55b39cfec8c519780d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash-child/style.css?ver=6.0.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 500
x-accel-version: 0.01
last-modified: Sat, 23 Jul 2022 03:40:12 GMT
etag: "34f-5e470b5419f00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11
112.78.1.150 200 OK 61 kB URL HTTP/2 gre.com.vn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 614e7805d92c4702107d8a472080102d
02e9c1c0b6158c80c431c9ee6eef9ab36387ec4e
5be8f036c2f8c92a8faa7de65008859beaebf3a396ca42a8a5b7fe4fb8adbd06
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 61344
last-modified: Thu, 21 Jul 2022 08:22:05 GMT
etag: "62d90cad-efa0"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/css/dashicons.min.css?ver=6.0.3
112.78.1.150 200 OK 59 kB URL HTTP/2 gre.com.vn/wp-includes/css/dashicons.min.css?ver=6.0.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
GET /wp-includes/css/dashicons.min.css?ver=6.0.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 59016
last-modified: Wed, 03 Mar 2021 14:16:22 GMT
etag: "603f9a36-e688"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/sportspress/assets/css/sportspress.css?ver=2.7.15
112.78.1.150 200 OK 12 kB URL HTTP/2 gre.com.vn/wp-content/plugins/sportspress/assets/css/sportspress.css?ver=2.7.15
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash a4c83c82dbc4ccea81014dfd86396f2e
40d319bc1373acd153528cdc7c636f63c8ff487d
cef377d61163cb55f12a51dd0c8f670ce5bd3dc10c8637bb0bf52b7a7bc80731
GET /wp-content/plugins/sportspress/assets/css/sportspress.css?ver=2.7.15 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 11818
last-modified: Thu, 21 Jul 2022 08:21:26 GMT
etag: "62d90c86-2e2a"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/includes/megamenu/assets/css/megamenu.css?ver=6.0.3
112.78.1.150 200 OK 31 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/includes/megamenu/assets/css/megamenu.css?ver=6.0.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (715), with CRLF line terminators
Hash 92dd78ae252e785b6f84aa93582fa5d5
a5bb877e07d04d940feba4f6393ddecc4d3a7a44
0a3139edf4889053a152b7eba3a2482c4d60104fcf32458c986f62f3cd6a5059
GET /wp-content/themes/splash/includes/megamenu/assets/css/megamenu.css?ver=6.0.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 30987
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-790b"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
112.78.1.150 200 OK 1.5 kB URL HTTP/2 gre.com.vn/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (1519), with no line terminators
Hash 73e46bbd8244a60086283f5fe275d682
b477443fbe8763c8f111877029b7aee9039ef64d
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 1519
last-modified: Fri, 29 Jul 2022 03:18:07 GMT
etag: "62e3516f-5ef"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
112.78.1.150 200 OK 11 kB URL HTTP/2 gre.com.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 11224
last-modified: Wed, 18 Nov 2020 02:06:06 GMT
etag: "5fb4818e-2bd8"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
112.78.1.150 200 OK 9.5 kB URL HTTP/2 gre.com.vn/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.7.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 9533
last-modified: Thu, 21 Jul 2022 08:22:20 GMT
etag: "62d90cbc-253d"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.6.0
112.78.1.150 200 OK 374 B URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash 99f478aea66ce928c3dda9ab3a0dbbb3
29bb3e5ccb81defba6cf1749768f4c57533e261a
44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 374
x-accel-version: 0.01
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "3e0-5e44c67857440-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/includes/megamenu/assets/js/megamenu.js?ver=6.0.3
112.78.1.150 200 OK 1.8 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/includes/megamenu/assets/js/megamenu.js?ver=6.0.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash 19deeada624b09220e10d554090c7b74
5eb6763ed3cf7d33395425a42bb99f19911909c9
69e267c05fd27ffc3ea38d8deb1470d155b323cc805a982274f2a8c46ee1a271
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/includes/megamenu/assets/js/megamenu.js?ver=6.0.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 1759
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-6df"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
112.78.1.150 200 OK 3.0 kB URL HTTP/2 gre.com.vn/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.7.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 3037
last-modified: Thu, 21 Jul 2022 08:22:20 GMT
etag: "62d90cbc-bdd"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/vc_components/stm_media_tabs_style_5_3.css?ver=1668211903
112.78.1.150 200 OK 6.0 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/vc_components/stm_media_tabs_style_5_3.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash 62928f491da2769c1be430cd4338a762
5e224cb0c4b61b55939f8a6480c5da153f9d9780
8db5c08bb5594c9378a79e42ae015be30f8e9283c11b8c9a0bc2dcb48b3a4acc
GET /wp-content/themes/splash/assets/css/vc_components/stm_media_tabs_style_5_3.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 5950
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-173e"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/vc_components/stm_stats_count_style_1.css?ver=1668211903
112.78.1.150 200 OK 316 B URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/vc_components/stm_stats_count_style_1.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash efe8ef475c148e1ade9b66a9b94519a1
f1596eeec4aaa4fb24a7e66b345222f20c841ea2
8cb4abdc5139474d2b4b4ab746f2b17cd1b1b27f697f5218a5ab58d5874b2ef6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/vc_components/stm_stats_count_style_1.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 316
x-accel-version: 0.01
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "2d1-5a7a366472640-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
112.78.1.150 200 OK 89 kB URL HTTP/2 gre.com.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 88932
last-modified: Mon, 04 Jul 2022 05:10:38 GMT
etag: "62c2764e-15b64"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/rugby.css?ver=1668211903
112.78.1.150 200 OK 70 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/rugby.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (389)
Hash 665fea7843290a8708e5cee1c1c33d66
21a389f0822ebfc59765b1537bea8e8ffa5819a2
3210406c07db18eb7ea104df4bb37139a328a87a2a0644e5eb9a5980ec816a1a
GET /wp-content/themes/splash/assets/css/rugby.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 69728
last-modified: Fri, 22 Jul 2022 10:17:37 GMT
etag: "62da7941-11060"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
112.78.1.150 200 OK 126 B URL HTTP/2 gre.com.vn/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with no line terminators
Hash ac7ecbcdc01fb980628e0ca076fd2c39
2df6d7adf64efc42e8f46243d5620c62879b59be
9f2cb415bb1b9656398091a9b2657b2dfe043c03a6526a9a12c6af51062e54c6
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 126
x-accel-version: 0.01
last-modified: Fri, 29 Jul 2022 03:18:07 GMT
etag: "81-5e4e9195852c5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
112.78.1.150 200 OK 90 kB URL HTTP/2 gre.com.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 89521
last-modified: Wed, 10 Mar 2021 08:07:24 GMT
etag: "60487e3c-15db1"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/owl.carousel.min.js?ver=1668211903
112.78.1.150 200 OK 40 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/owl.carousel.min.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (32078), with CRLF line terminators
Hash 1c77dd999d1136731aa98716f336bc9e
34139e279d950ad906ba19547655240fc9dcea1e
48f38dd2f11a293e417df6afaaa35d2e74bcb1e7efe113b57e36a6ada42fc5f1
GET /wp-content/themes/splash/assets/js/owl.carousel.min.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 40412
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-9ddc"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/jquery.fancybox.pack.js?ver=1668211903
112.78.1.150 200 OK 23 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/jquery.fancybox.pack.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (645), with CRLF line terminators
Hash 0ca8cd384931d74c4b6a9f592e987f69
ae6318aeb62ad4ce7a7e9a4cdacd93ffb004f0fb
2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/js/jquery.fancybox.pack.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 23180
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-5a8c"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/bootstrap.min.js?ver=1668211903
112.78.1.150 200 OK 37 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/bootstrap.min.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (32003), with CRLF line terminators
Hash fb0e635db142b1b9fce20fe2370ec6cc
c5c481ca5a263031d938f6c12abd2fe5fb4b6a83
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
GET /wp-content/themes/splash/assets/js/bootstrap.min.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 36874
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-900a"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.6.0
112.78.1.150 200 OK 36 kB URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (32004)
Hash b4873ebabbcc79e9f782bf823158aa89
01d30454ae34579186d40b77f122d711fd45fca5
f31914cfde2f16e02ab4d628bb4174d58c9486f153e9ed4d39b1650fc09dd15a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 35722
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "62d90c89-8b8a"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/waypoints.min.js?ver=1668211903
112.78.1.150 200 OK 8.1 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/waypoints.min.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf
GET /wp-content/themes/splash/assets/js/waypoints.min.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 8051
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-1f73"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/jquery.counterup.min.js?ver=1668211903
112.78.1.150 200 OK 1.1 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/jquery.counterup.min.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (917), with CRLF line terminators
Hash 4f0e0b047f2ed8512d5119b31432bdcf
15c6242be4251b23c8aec6dd4620b95c37c53d22
3145a2ee536ea38dbcb2563fe7dad866ca2bceff859249e069cf33224f43b7cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/js/jquery.counterup.min.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 1074
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-432"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/js/imagesloaded.min.js?ver=4.1.4
112.78.1.150 200 OK 5.6 kB URL HTTP/2 gre.com.vn/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 5629
last-modified: Sat, 13 Jun 2020 11:53:28 GMT
etag: "5ee4be38-15fd"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/splash.js?ver=1668211903
112.78.1.150 200 OK 18 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/splash.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash 7df66d39f680c8cdc37dc5a4717f593f
5b621e4c1f3e1e117ab56b1232c0a91c6f853e9c
6323ade4c6901ea995bed645b2d3a4435a15a6ec278b150611ae4da60e4c7cb9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/js/splash.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 17586
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-44b2"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/header.js?ver=1668211903
112.78.1.150 200 OK 2.3 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/header.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with CRLF line terminators
Hash ae9189af5695974aa881150944ec3036
92f5369fc1f0f78ebd554ae43c544fe835025b2a
b3829853d8380812077390332c6259764322fc73ae7507d84e2c960735d8dfaf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/js/header.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 2298
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-8fa"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/ticker_posts.js?ver=1668211903
112.78.1.150 200 OK 1.7 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/ticker_posts.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d8c6dedd0ab7822283381be34968811f
e9244a9a1c01f4fd175ac60768851e575de59e42
e6b9ec3ef8626cb56580cc9ad38d612fddd9d143c2ed76a4a16e93c3754275f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/js/ticker_posts.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 1687
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-697"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/lightbox.js?ver=1668211903
112.78.1.150 200 OK 19 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/lightbox.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (671), with CRLF line terminators
Hash 77957c832b20dd50b20615721b11263f
1fd9956fa79ffc6188980eb39fca3cc4c38c3187
c6c10fcd0d32beea1bae6016993eab0030d98fa1dad9b4cf3d11de021987ee72
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/js/lightbox.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 18761
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-4949"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
112.78.1.150 200 OK 6.5 kB URL HTTP/2 gre.com.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 6475
last-modified: Mon, 11 Apr 2022 05:04:30 GMT
etag: "6253b6de-194b"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
112.78.1.150 200 OK 19 kB URL HTTP/2 gre.com.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 19142
last-modified: Mon, 11 Apr 2022 05:04:30 GMT
etag: "6253b6de-4ac6"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
112.78.1.150 200 OK 22 kB URL HTTP/2 gre.com.vn/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (21904), with no line terminators
Hash e7334b0f16895605c1234c69ad86fd4a
6da3372e63cabe2d3c6b0dfecc70770c2f69921b
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 21904
last-modified: Thu, 21 Jul 2022 08:21:39 GMT
etag: "62d90c93-5590"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/ajax.submit.js?ver=1668211903
112.78.1.150 200 OK 15 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/ajax.submit.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (14917), with no line terminators
Hash 3fb335ab104e338dc990f0dccf170006
3a3d1aa5e5fb41cbf027d8f3943c2a15d6675be7
1a22e8c06764a784d80856e4b25baa8c5bc9bc6fb25a52a0edb75cb384f3e007
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/js/ajax.submit.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 14917
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-3a45"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/sportspress/assets/js/sportspress.js?ver=2.7.15
112.78.1.150 200 OK 4.3 kB URL HTTP/2 gre.com.vn/wp-content/plugins/sportspress/assets/js/sportspress.js?ver=2.7.15
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash 5199162d7eb01b3c0c0a313cdbb4d2a7
ebbe3b7db0921add0983badcb3d877fedfd40d83
81750e54af217f2747e3b23cc202af9cf97e98500ca5536ef312b2fe851ff952
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sportspress/assets/js/sportspress.js?ver=2.7.15 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 4334
last-modified: Thu, 21 Jul 2022 08:21:26 GMT
etag: "62d90c86-10ee"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
112.78.1.150 200 OK 1.8 kB URL HTTP/2 gre.com.vn/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.7.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 1834
last-modified: Thu, 21 Jul 2022 08:22:20 GMT
etag: "62d90cbc-72a"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
112.78.1.150 200 OK 2.1 kB URL HTTP/2 gre.com.vn/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.7.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 2139
last-modified: Thu, 21 Jul 2022 08:22:20 GMT
etag: "62d90cbc-85b"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/anspress-question-answer/addons/recaptcha/script.js?ver=4.3.0
112.78.1.150 200 OK 243 B URL HTTP/2 gre.com.vn/wp-content/plugins/anspress-question-answer/addons/recaptcha/script.js?ver=4.3.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash 7a762a348702ef7c9dccbe4bfd37ff0e
2f8e2f31eef7978c4f9b7e4ee21fd5930320407f
d90ee2db99d29e1a215e21f21f43584bb50f4e893917f800db3f5887bac7701c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/anspress-question-answer/addons/recaptcha/script.js?ver=4.3.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 243
x-accel-version: 0.01
last-modified: Sat, 23 Jul 2022 02:19:25 GMT
etag: "1b4-5e46f945a4540-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
112.78.1.150 200 OK 21 kB URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (20418)
Hash b00a0fd5e283160549de2c7b36243b7b
f2401243950cd9624002921265e46a518851f12b
314ce6baaa3218eb171fa2c278d7fdf1b9872305dfa667e9cbf2df77c83a9a88
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 20637
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "62d90c89-509d"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.6.0
112.78.1.150 200 OK 13 kB URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (12478)
Hash 0bf128a0c049a8e5386d7c709e8f2d5d
dca62041e11fcbb5aeb958612916f3453efbcf5c
2d42b8a78389235460930cf4f496b8411d46a3344229e4309480803bb39d1575
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 12834
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "62d90c89-3222"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
112.78.1.150 200 OK 2.9 kB URL HTTP/2 gre.com.vn/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.7.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 2938
last-modified: Thu, 21 Jul 2022 08:22:20 GMT
etag: "62d90cbc-b7a"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
112.78.1.150 200 OK 19 kB URL HTTP/2 gre.com.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 18617
last-modified: Mon, 11 Apr 2022 22:56:24 GMT
etag: "6254b218-48b9"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/js/select2.full.min.js?ver=1668211903
112.78.1.150 200 OK 73 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/js/select2.full.min.js?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Unicode text, UTF-8 text, with very long lines (32127), with CRLF line terminators
Hash 39b941b36c7c724cc896aa794b5a8ec8
be9bdeb3da920f93cb2a1315629f49902d131b32
ba55a9b5f9ad3a2eb83cab3254338b302ee66154ebdaaac1382e1e829f96281c
GET /wp-content/themes/splash/assets/js/select2.full.min.js?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 73327
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-11e6f"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/sportspress/assets/js/jquery.dataTables.min.js?ver=1.10.4
112.78.1.150 200 OK 81 kB URL HTTP/2 gre.com.vn/wp-content/plugins/sportspress/assets/js/jquery.dataTables.min.js?ver=1.10.4
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Unicode text, UTF-8 text, with very long lines (568)
Hash 9dceab63ef7058a99a3f84dbc4ccd3c0
22a1a1c3a104b105c767c2231422e8e45ac6c9cf
f3e9d5a0e959973519a493eafd7d257e56633333b25688ccc4c7c071cea858d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sportspress/assets/js/jquery.dataTables.min.js?ver=1.10.4 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 80863
last-modified: Thu, 21 Jul 2022 08:21:26 GMT
etag: "62d90c86-13bdf"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/logo.png
112.78.1.150 200 OK 14 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/logo.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 828 x 350, 8-bit colormap, non-interlaced\012- data
Hash 780f662161bd03b8959c5dab678ea561
ac8c266ec14c4f4d1adbf5edb4cf4718a31a1f7c
024000c1fb6fe7fa69c7e0c0cf570825cd6ffac1f62e19045bc6941d7257aafa
GET /wp-content/uploads/2022/07/logo.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 13557
last-modified: Fri, 22 Jul 2022 10:19:51 GMT
etag: "62da79c7-34f5"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/11/bialachluat-555x433.jpg
112.78.1.150 200 OK 61 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/11/bialachluat-555x433.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 555x433, components 3\012- data
Hash b65603297c06f9856b75b5ed877143b7
563567199ac39b2939fc6b827991040df21f9d02
cee5b8322621f9794c7af0514ee453a32bd1f788e70955efea909a16ec7d90bb
GET /wp-content/uploads/2022/11/bialachluat-555x433.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 60611
last-modified: Thu, 10 Nov 2022 01:25:05 GMT
etag: "636c52f1-ecc3"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/dich-vu-tap-vu-van-phong.jpg
112.78.1.150 200 OK 30 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/dich-vu-tap-vu-van-phong.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 712x440, components 3\012- data
Hash dd1ddf1eca9ae34c066f84f61be9f56a
5ad792caf77c30d77d49a32ad866ff6bb0fe7b1e
d84f4028fa0b9cacb89e9dfff67448a726ae20788f0ed364b89da3fec9ef6f48
GET /wp-content/uploads/2022/07/dich-vu-tap-vu-van-phong.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 29685
last-modified: Fri, 22 Jul 2022 09:25:01 GMT
etag: "62da6ced-73f5"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/kythuat1-741x450.jpg
112.78.1.150 200 OK 58 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/kythuat1-741x450.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 741x450, components 3\012- data
Hash f41c81bc7054ae28fb3e8d5afa99c0a2
73a98226950c4844ae1297d1dc2fe757b792285a
3ae570f089102a70ed40139edb874016d77f0e3b99f5799b5b94d68624255f57
GET /wp-content/uploads/2022/07/kythuat1-741x450.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 58352
last-modified: Fri, 22 Jul 2022 09:39:38 GMT
etag: "62da705a-e3f0"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/Licogi13.png
112.78.1.150 200 OK 28 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/Licogi13.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 270 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 6916bcbc8b5f65026c47a8291e14f390
0523033aced0f80b43e3db1fc9631d792e8829c2
03739863e6bf0fd7ebec96cfd2c93f3cdaa109dfc4cdb3b187292aa956b8f4e2
GET /wp-content/uploads/2022/07/Licogi13.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 28314
last-modified: Fri, 22 Jul 2022 06:41:01 GMT
etag: "62da467d-6e9a"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/VCB.png
112.78.1.150 200 OK 37 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/VCB.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 270 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f4e01e9666dcd1b6cb527ed65e9b9d2
92fb9698cd2a6ec76f2e7ffdfb963923829f7048
dbe13689572c20255dfee7b9d419a54fc1384ddf5b6cb36da09020707121d01e
GET /wp-content/uploads/2022/07/VCB.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 36583
last-modified: Fri, 22 Jul 2022 06:41:06 GMT
etag: "62da4682-8ee7"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/TPBank.png
112.78.1.150 200 OK 38 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/TPBank.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 270 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 19a7920a62f2d0815f26a0c4457854d2
22a0988b80cd5fb41b052480539421c544302692
74bf45453249ab238678922eb5139af1a3380274bc88f1be27a1e9f14fb64c6f
GET /wp-content/uploads/2022/07/TPBank.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 38018
last-modified: Fri, 22 Jul 2022 06:41:04 GMT
etag: "62da4680-9482"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/BIDV.png
112.78.1.150 200 OK 26 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/BIDV.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 270 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b9c5e1c6f7938fac97e998500286b72
145b9016e3729595351af2e3fca8253650b5d69a
0e15c011dfbaaa00a98fe5c11a493d3442585e3f46b0d5b74203206db01d3e3b
GET /wp-content/uploads/2022/07/BIDV.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 26510
last-modified: Fri, 22 Jul 2022 06:40:59 GMT
etag: "62da467b-678e"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/VIP-Bank.png
112.78.1.150 200 OK 54 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/VIP-Bank.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 270 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash b1b219f8e0440498b7749e01e195891c
2e6567277efb896f3e23cadb18d5aae8e624440c
45726b125ba3cf89e6a65b0fcaf1f125ca4ce4c1174ea26b57ca2584ff50834c
GET /wp-content/uploads/2022/07/VIP-Bank.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 54028
last-modified: Fri, 22 Jul 2022 06:41:08 GMT
etag: "62da4684-d30c"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/VPBank.png
112.78.1.150 200 OK 29 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/VPBank.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 270 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 62cc14303cdbfe7267ccecfb81e74e25
4a9a9233552677194646961121fd7b019a42ae77
0c451e4bcc753a4f211041c308bc0568233a521ddb028a0743a6c9433eba9efb
GET /wp-content/uploads/2022/07/VPBank.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 29415
last-modified: Fri, 22 Jul 2022 06:41:10 GMT
etag: "62da4686-72e7"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/chung-cu-hoa-khanh-010-636704410362478295.jpg
112.78.1.150 200 OK 116 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/chung-cu-hoa-khanh-010-636704410362478295.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 800x484, components 3\012- data
Size 116 kB (115842 bytes)
Hash f2c72ae764f2848a6d93fac6d4fa8b09
53dd5815edfb289fecdcba7ce639d157735b8f02
0c252603054218de0067f390bd650208c52095be202eec0be2af65d379a274da
GET /wp-content/uploads/2022/07/chung-cu-hoa-khanh-010-636704410362478295.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 115842
last-modified: Thu, 21 Jul 2022 08:13:57 GMT
etag: "62d90ac5-1c482"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/tuvan.jpg
112.78.1.150 200 OK 80 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/tuvan.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 660x359, components 3\012- data
Hash 5cf0ea7d81353149eaa32d8c0e237c58
937f253e312ab6c5028c4aa728da6c6ec0969789
ff06d929f62c133b8b38563dce4feedc65982cb0371471b4905cbd85d28e6b1a
GET /wp-content/uploads/2022/07/tuvan.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 79699
last-modified: Fri, 22 Jul 2022 09:30:19 GMT
etag: "62da6e2b-13753"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/kythuat.jpg
112.78.1.150 200 OK 88 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/kythuat.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Hash b18014f4bfd7bc89b70aaa04ce4d68d0
081daad4008c8579dfdba597ef66898ba2f3e0a5
b5be66821260908dc9650f540afd25769f367ef27b548739a15a893f40238b34
GET /wp-content/uploads/2022/07/kythuat.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 88458
last-modified: Fri, 22 Jul 2022 09:36:50 GMT
etag: "62da6fb2-1598a"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11
112.78.1.150 200 OK 364 kB URL HTTP/2 gre.com.vn/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (64268)
Size 364 kB (363983 bytes)
Hash 3fb3e6ddca8e7e7e2c17e90d3dd13c76
0648731e5e4258941e1815c3e9597e4983bcb680
7f63e8476900f0a7600e621e33b3f18b878664cfad27df525a88385c9b37ea6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 363983
last-modified: Thu, 21 Jul 2022 08:22:05 GMT
etag: "62d90cad-58dcf"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/styles.css?ver=1668211903
112.78.1.150 200 OK 662 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/styles.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (593)
Size 662 kB (662164 bytes)
Hash f0870a2caa483909223139f3f4f3ed3c
18d9bbd439a2fe6ff825f393c9834cddf3aca252
e962ee07f8fe4e85740aa56152d764562d3eec7372444a0c8746c376c766bcc3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/styles.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 662164
last-modified: Fri, 29 Jul 2022 03:50:25 GMT
etag: "62e35901-a1a94"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
112.78.1.150 200 OK 485 kB URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type ASCII text, with very long lines (65358)
Size 485 kB (485416 bytes)
Hash e6049b1ca50005dcfbb1cde5a4c57c7d
0356b14cbf3eab635b2c59565f2da80e3acead55
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 485416
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "62d90c89-76828"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/dondep-canh-quan.jpg
112.78.1.150 200 OK 142 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/dondep-canh-quan.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x417, components 3\012- data
Size 142 kB (141949 bytes)
Hash 8e533770b6dd42d521dad1b6f78eb04d
7f79f7f7ab80bbcda796f69880bbf2a22ad34711
09b9ac62f64c435b52973ad3a74b4a0ef183bc5295bd55513f6e0211b520fdd0
GET /wp-content/uploads/2022/07/dondep-canh-quan.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 141949
last-modified: Fri, 22 Jul 2022 09:27:28 GMT
etag: "62da6d80-22a7d"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/Chung-cu-Blue-House-1.png
112.78.1.150 200 OK 911 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/Chung-cu-Blue-House-1.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 1170 x 650, 8-bit/color RGBA, non-interlaced\012- data
Size 911 kB (910684 bytes)
Hash 703a5388fdb7264a3b7b2b543a619329
716a1b6648f41f0b8c20c4f6da768b538252a997
c378a3a5cf1c30f41d839ec971e46645ec5f664f5cd045c14f91c17c2fe42d10
GET /wp-content/uploads/2022/07/Chung-cu-Blue-House-1.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 910684
last-modified: Tue, 26 Jul 2022 14:50:14 GMT
etag: "62dfff26-de55c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:51:51 GMT
expires: Thu, 09 Nov 2023 18:51:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 191995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 16:40:18 GMT
expires: Fri, 10 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 113488
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11816, version 1.0\012- data
Hash 7fa68490a833a8fa395e5f3bffafc052
1880e3743548106319713b937e7769eee6b1ce21
30fa70635379ae1b58491bc41572760c1f3c8445265436a5fec4c36a197e4121
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 01:25:10 GMT
expires: Wed, 08 Nov 2023 01:25:10 GMT
cache-control: public, max-age=31536000
age: 341196
last-modified: Tue, 19 Apr 2022 18:52:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
216.58.207.195 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 06:06:20 GMT
expires: Fri, 10 Nov 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 151526
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:34:08 GMT
expires: Thu, 09 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 189458
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
216.58.207.195 200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25036, version 1.0\012- data
Hash 9dd150fb7229e143e0f71ba1fe8c8f63
664abfc4941054600213dda51a3d6f0d05b3c312
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:09:40 GMT
expires: Sat, 11 Nov 2023 23:09:40 GMT
cache-control: public, max-age=31536000
age: 3726
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:35:48 GMT
expires: Thu, 09 Nov 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 189358
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw3aXpsog.woff2
216.58.207.195 200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw3aXpsog.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10280, version 1.0\012- data
Hash 21601a1a9acf15834a3a4d6e1ebecd31
77bbd40e1c573cf739aa4cc6d13b4aa242b94e02
a663bd9875a804b8fe52b9f3b8518d94948327122fa881289bd8cfc1fc96c427
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw3aXpsog.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 21:49:30 GMT
expires: Thu, 09 Nov 2023 21:49:30 GMT
cache-control: public, max-age=31536000
age: 181336
last-modified: Mon, 11 Jul 2022 18:59:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 22:17:42 GMT
expires: Wed, 08 Nov 2023 22:17:42 GMT
cache-control: public, max-age=31536000
age: 266044
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
216.58.207.195 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Hash f54251ea804647e0203e453359a69fb1
c02db1a2028be922135239168d270579220844a0
b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 22:20:14 GMT
expires: Wed, 08 Nov 2023 22:20:14 GMT
cache-control: public, max-age=31536000
age: 265892
last-modified: Tue, 19 Apr 2022 19:07:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:53:49 GMT
expires: Thu, 09 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 191877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 00:11:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gre.com.vn/wp-content/uploads/2022/08/van-hanhChungcu-TM-hoakhanh.jpg
112.78.1.150 200 OK 376 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/08/van-hanhChungcu-TM-hoakhanh.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:08:23 09:27:29], baseline, precision 8, 766x555, components 3\012- data
Size 376 kB (375735 bytes)
Hash 1574cdabc4c8920ea761b8ede12d2097
71bf8670fec5a6811fcd31fd49169ea4a843d503
18e944464bd6b793ea338b402838fb1f1359a191b2dbbe98c597171bda5239d1
GET /wp-content/uploads/2022/08/van-hanhChungcu-TM-hoakhanh.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 375735
last-modified: Tue, 23 Aug 2022 02:28:18 GMT
etag: "63043b42-5bbb7"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
112.78.1.150 200 OK 75 kB URL HTTP/2 gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type Web Open Font Format (Version 2), TrueType, length 75368, version 330.32636\012- data
Hash 859c4002d9954718cac1ddea5555698f
2392ce297c92bcf2c7d5a4c461a582dadc8039c8
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://gre.com.vn/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.6.0
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:46 GMT
content-type: application/octet-stream
content-length: 75368
last-modified: Thu, 21 Jul 2022 08:21:29 GMT
etag: "62d90c89-12668"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
216.58.207.195 200 OK 5.7 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5696, version 1.0\012- data
Hash 85fc330e5d5f44827f71c9c87e20fc08
a12bad7ed537f664c3b4ec0c501b3cce2df55921
a443599b665cfcd9a13fc46056624c65f518c06ee47925c4a940c58164b1b799
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-1927DRs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5696
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 05:43:09 GMT
expires: Thu, 09 Nov 2023 05:43:09 GMT
cache-control: public, max-age=31536000
age: 239318
last-modified: Tue, 19 Apr 2022 18:51:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8
112.78.1.150 200 OK 5.6 kB URL HTTP/2 gre.com.vn/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
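File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data [note: this file type and the 5.6 kB size above disagree with the response recorded below for this URL (content-type application/javascript, content-length 123959); the summary fields and hashes of this entry may describe a different resource, so confirm before using them as indicators for rbtools.min.js]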
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript
content-length: 123959
last-modified: Thu, 21 Jul 2022 08:22:05 GMT
etag: "62d90cad-1e437"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw2aXpsog.woff2
216.58.207.195 200 OK 3.4 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw2aXpsog.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 3364, version 1.0\012- data
Hash 34b5787beef98663cf6194a90749dae3
6820b61a7bc729f0769a1084f0d64da5269f143a
2e6944912822d0da1655f8e15b1c4f09f58ef90cd806183f980eca56e8961b72
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw2aXpsog.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 3364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 15:27:51 GMT
expires: Sat, 11 Nov 2023 15:27:51 GMT
cache-control: public, max-age=31536000
age: 31436
last-modified: Mon, 11 Jul 2022 18:56:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/slice-2.png
112.78.1.150 200 OK 2.2 MB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/slice-2.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 1920 x 700, 8-bit/color RGBA, non-interlaced\012- data
Size 2.2 MB (2245067 bytes)
Hash 2596fee143265ab81bb9908cad090b34
5078b36332e3787b987ac79798997651b2bf71be
9baa0a544d6c7d1438286d425febd04ec6099d8d0397d8ced42d30f7757ede64
GET /wp-content/uploads/2022/07/slice-2.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/png
content-length: 2245067
last-modified: Thu, 21 Jul 2022 09:18:46 GMT
etag: "62d919f6-2241cb"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/nenmoiweb.jpg?id=2538
112.78.1.150 200 OK 1.5 MB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/nenmoiweb.jpg?id=2538
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3840, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=5760], progressive, precision 8, 1920x1280, components 3\012- data
Size 1.5 MB (1533220 bytes)
Hash 1939424f78e423b16bd08323ec79b635
2d067ce608aab2a5b28eceffef5dbfedae1fd653
bd14fd256678878fc7466aac422d868937736e4d47e1a449ed38323cb875d6ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/nenmoiweb.jpg?id=2538 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:46 GMT
content-type: image/jpeg
content-length: 1533220
last-modified: Tue, 26 Jul 2022 01:33:26 GMT
etag: "62df4466-176524"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
216.58.207.195 200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 5564, version 1.0\012- data
Hash d4d88a25c6405b91c0d8cb3fa6c9ca7b
06a7623d5b742d64372240e2c63c1c1330e63b90
bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 15:22:29 GMT
expires: Fri, 10 Nov 2023 15:22:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 19:11:49 GMT
content-type: font/woff2
age: 118158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/fonts/splash/stm-splash-icons.ttf?2k8afu
112.78.1.150 200 OK 17 kB URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/fonts/splash/stm-splash-icons.ttf?2k8afu
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, stm-splash-icons\012- data
Hash 95ef77f0799957fd9607644368669cde
667eaed83ee98eecbcb403c8ae2a0862a9b53f33
a636433f8a8d290e9e52e68c56a10b59d1790a2b8e42d066ee3527733ace57ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/fonts/splash/stm-splash-icons.ttf?2k8afu HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/wp-content/themes/splash/assets/css/splash-icons.css?ver=1668211903
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:46 GMT
content-type: application/octet-stream
content-length: 17408
last-modified: Tue, 09 Jun 2020 09:32:01 GMT
etag: "5edf5711-4400"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/slice-22.jpg
112.78.1.150 200 OK 44 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/slice-22.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 555x460, components 3\012- data
Hash 0828fc693a46911dc3894a1ed3c52a92
9bc7ff01e94246c631935e3daf52b3cf8a908012
9e3aaadeafe00ff33059afaf94bfefbe1a2c306870b030de6481e60157dd5e72
GET /wp-content/uploads/2022/07/slice-22.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: image/jpeg
content-length: 1170209
last-modified: Tue, 26 Jul 2022 01:42:27 GMT
etag: "62df4683-11db21"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/chungcu-bluehouse-anh-bia-555x460.jpg
112.78.1.150 200 OK 57 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/chungcu-bluehouse-anh-bia-555x460.jpg
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 555x460, components 3\012- data
Hash 75fb250dfec5e9a74ef1c5dddcd0283f
35b9169709ea10078607b4c4464faa30200addb3
c1bb867b944e7fd6cb5c028b26203239279f4af2b27a8f41ca6aaf472642e479
GET /wp-content/uploads/2022/07/chungcu-bluehouse-anh-bia-555x460.jpg HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:46 GMT
content-type: image/jpeg
content-length: 56809
last-modified: Fri, 29 Jul 2022 06:57:32 GMT
etag: "62e384dc-dde9"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/nen.jpg?id=2532
112.78.1.150 200 OK 1.2 MB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/nen.jpg?id=2532
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=3456, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=5184], progressive, precision 8, 1920x1280, components 3\012- data
Size 1.2 MB (1167772 bytes)
Hash 4443017ddcf71dced4830b2b2ffda05b
f6bef48397b7323b6b57c75e9398a39b507366ea
b60cf53de6fafe28325b351ab9cc4cc1280cf98d9668ce5b03fa73708901cfbe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/nen.jpg?id=2532 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:46 GMT
content-type: image/jpeg
content-length: 1167772
last-modified: Tue, 26 Jul 2022 01:21:50 GMT
etag: "62df41ae-11d19c"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/revslider/public/assets/assets/loader.gif
112.78.1.150 200 OK 2.5 kB URL HTTP/2 gre.com.vn/wp-content/plugins/revslider/public/assets/assets/loader.gif
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type GIF image data, version 89a, 24 x 24\012- data
Hash 4b3afb84b2b71ef56df09997a350bd04
accdac8a7abeab0e21c49539aad0a973addb28ef
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
GET /wp-content/plugins/revslider/public/assets/assets/loader.gif HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:47 GMT
content-type: image/gif
content-length: 2545
last-modified: Thu, 21 Jul 2022 08:22:05 GMT
etag: "62d90cad-9f1"
accept-ranges: bytes
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.42 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.42:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://gre.com.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 00:11:47 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://gre.com.vn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/cropped-logoLicogi13-192x192.png
112.78.1.150 200 OK 38 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/cropped-logoLicogi13-192x192.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Hash ba1020f9d923f21a15cf77f2f45600ca
2a1adabaff003a3e537cdca459997c2eb69f0413
a156d3ffa4a6cbb71ebafffc5e3ff216d3314f338992bd3d2eea33716cb68a78
GET /wp-content/uploads/2022/07/cropped-logoLicogi13-192x192.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:47 GMT
content-type: image/png
content-length: 12448
last-modified: Thu, 21 Jul 2022 08:54:59 GMT
etag: "62d91463-30a0"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/uploads/2022/07/cropped-logoLicogi13-32x32.png
112.78.1.150 200 OK 1.7 kB URL HTTP/2 gre.com.vn/wp-content/uploads/2022/07/cropped-logoLicogi13-32x32.png
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 221dab9089816646d437b74987020f5d
59b0f7ac68a4d360bb7517819f50b4f5bcf55be4
e8c36e4e0a7a2c6ce9eca2fc6655b0bad2df84ee0dc5a2e4b40a711e7077f2bd
GET /wp-content/uploads/2022/07/cropped-logoLicogi13-32x32.png HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:47 GMT
content-type: image/png
content-length: 1655
last-modified: Thu, 21 Jul 2022 08:54:59 GMT
etag: "62d91463-677"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97c5c44bd44390f0c719f56ecee6d513
1d791a0dadbfbab7c9b377783587ff728b2008d8
5995012d66ee68690d198a0857848077bfe80d88b2f2987a54f2d896461f7275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6797
x-amzn-requestid: 3e8b7aaf-8e8a-4a04-8bc0-e18e6044a50a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM6-F3DIAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-3bfa53123a76e84f210fea38;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zz90ngWySbVf_cXv_HBcQpNfb4MCsTVTl5l5bBPL4MaPXAF4VIifdA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:51 GMT
age: 7739
etag: "1d791a0dadbfbab7c9b377783587ff728b2008d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700%7CRoboto+Condensed%3Aregular%2Citalic%2C700%2C300%2C300italic%2C700italic&ver=1668211903
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700%7CRoboto+Condensed%3Aregular%2Citalic%2C700%2C300%2C300italic%2C700italic&ver=1668211903
IP 142.250.74.10:0
GET /css?family=Montserrat%3Aregular%2C700%7CRoboto+Condensed%3Aregular%2Citalic%2C700%2C300%2C300italic%2C700italic&ver=1668211903 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 00:11:44 GMT
date: Sat, 12 Nov 2022 00:11:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400%2C700%7CMontserrat:400%7CRoboto+Condensed:700
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400%2C700%7CMontserrat:400%7CRoboto+Condensed:700
IP 142.250.74.10:0
GET /css?family=Roboto:400%2C700%7CMontserrat:400%7CRoboto+Condensed:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Nov 2022 00:11:44 GMT
date: Sat, 12 Nov 2022 00:11:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gre.com.vn/?wc-ajax=get_refreshed_fragments
112.78.1.150 200 OK 0 B URL HTTP/2 gre.com.vn/?wc-ajax=get_refreshed_fragments
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://gre.com.vn
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:47 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/7.3.5
access-control-allow-origin: https://gre.com.vn
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
172.67.39.148 200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 172.67.39.148:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 171668
etag: W/"bb9-5ec71e264ddf8"
last-modified: Wed, 02 Nov 2022 00:25:57 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768b0d542832b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gre.com.vn/wp-content/themes/splash/assets/css/animate.css?ver=1668211903
112.78.1.150 200 OK 0 B URL HTTP/2 gre.com.vn/wp-content/themes/splash/assets/css/animate.css?ver=1668211903
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/splash/assets/css/animate.css?ver=1668211903 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 77222
last-modified: Tue, 09 Jun 2020 09:32:00 GMT
etag: "5edf5710-12da6"
accept-ranges: bytes
X-Firefox-Spdy: h2
gre.com.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3
112.78.1.150 200 OK 0 B URL HTTP/2 gre.com.vn/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3
IP 112.78.1.150:0
ASN #45538 ODS Joint Stock Company
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.8.3 HTTP/1.1
Host: gre.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gre.com.vn/
Cookie: anspress_session=84fd732cccfba2d20162a73359b9c613
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 00:11:44 GMT
content-type: text/css
content-length: 209885
last-modified: Thu, 21 Jul 2022 08:22:20 GMT
etag: "62d90cbc-333dd"
accept-ranges: bytes
X-Firefox-Spdy: h2