Overview

URL nhatngudht.com/
IP 202.92.4.97 (Vietnam)
ASN #45899 VNPT Corp
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-30 06:14:04 UTC
IDS alerts 0
Blocklist alert 21
urlquery alerts No alerts detected
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
nhatngudht.com (53) 0 2017-03-02 00:04:43 UTC 2022-11-24 02:11:24 UTC 202.92.4.97 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.39.62.124
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
use.fontawesome.com (1) 942 2018-09-18 10:26:26 UTC 2020-03-18 00:09:30 UTC 172.64.133.15
r3.o.lencr.org (9) 344 No data No data 23.36.77.32
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 17:10:57 UTC 34.117.237.239
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 17:14:13 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
duhocnhatban.vmweb.vn (1) 0 2022-11-17 08:55:51 UTC 2022-11-17 08:55:51 UTC 202.92.4.97 Unknown ranking

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 nhatngudht.com/ Malware
2022-11-30 2 nhatngudht.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ve (...) Malware
2022-11-30 2 nhatngudht.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-30 2 nhatngudht.com/wp-content/themes/flatsome-child/style.css?ver=3.0 Malware
2022-11-30 2 nhatngudht.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?v (...) Malware
2022-11-30 2 nhatngudht.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 Malware
2022-11-30 2 nhatngudht.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2 Malware
2022-11-30 2 nhatngudht.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=fcf0c16 (...) Malware
2022-11-30 2 nhatngudht.com/wp-content/themes/flatsome/assets/libs/packery.pkgd.min.js?v (...) Malware
2022-11-30 2 nhatngudht.com/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff Malware
2022-11-30 2 nhatngudht.com/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu7GxMKTU1Kvnz.woff Malware
2022-11-30 2 nhatngudht.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fChc-AMP6lbBP.woff Malware
2022-11-30 2 nhatngudht.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff Malware
2022-11-30 2 nhatngudht.com/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu7WxMKTU1Kvnz.woff Malware
2022-11-30 2 nhatngudht.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v (...) Malware
2022-11-30 2 nhatngudht.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Malware
2022-11-30 2 nhatngudht.com/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js (...) Malware
2022-11-30 2 nhatngudht.com/wp-json/contact-form-7/v1/contact-forms/16/feedback/schema Malware
2022-11-30 2 nhatngudht.com/wp-json/contact-form-7/v1/contact-forms/14/feedback/schema Malware
2022-11-30 2 nhatngudht.com/wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fCxc-AMP6lbBP.woff Malware
2022-11-30 2 nhatngudht.com/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 202.92.4.97
Date UQ / IDS / BL URL IP
2022-12-24 01:41:58 +0000 0 - 0 - 7 minibee.site/TAC.php 202.92.4.97
2022-11-30 06:14:04 +0000 0 - 0 - 21 nhatngudht.com/ 202.92.4.97
2022-11-28 12:08:25 +0000 0 - 0 - 48 googlesport.vn/ 202.92.4.97


Last 5 reports on ASN: VNPT Corp
Date UQ / IDS / BL URL IP
2023-02-05 21:55:33 +0000 0 - 0 - 23 113.174.22.89/ 113.174.22.89
2023-02-05 21:54:18 +0000 0 - 0 - 2 icdlvietnam.vn/jVAsLmPBF8Ru/Dhl_Status_641683 (...) 202.92.4.34
2023-02-05 21:44:32 +0000 0 - 0 - 4 vatlieuxanh.vn/resources/uploads/files/570156 (...) 202.92.4.34
2023-02-05 20:19:51 +0000 0 - 0 - 7 m.bds247.vn/bat-dong-san/26417/Sang-nhuong-GA (...) 202.92.4.34
2023-02-05 16:24:40 +0000 5 - 0 - 10 intek.com.vn/ 123.30.191.186


Last 1 reports on domain: nhatngudht.com
Date UQ / IDS / BL URL IP
2022-11-30 06:14:04 +0000 0 - 0 - 21 nhatngudht.com/ 202.92.4.97


No other reports with similar screenshot

JavaScript

Executed Scripts (18)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (83)


Request Response
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3034
Expires: Wed, 30 Nov 2022 07:04:26 GMT
Date: Wed, 30 Nov 2022 06:13:52 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 174
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 06:13:52 GMT
Last-Modified: Wed, 30 Nov 2022 06:10:58 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2879
Expires: Wed, 30 Nov 2022 07:01:51 GMT
Date: Wed, 30 Nov 2022 06:13:52 GMT
Connection: keep-alive

                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 05:19:40 GMT
cache-control: public,max-age=3600
age: 3252
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: XsrZo2ZlAe+/CbhEGJk7vy8zs065uX/gJ5u+XB69MiciZTbV7PONcSHVp10M1MPc4emAb6Ww8oc=
x-amz-request-id: GNYKYRK6JJ6ZF0XK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 05:45:45 GMT
age: 1687
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 30 Nov 2022 06:13:52 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 06:08:56 GMT
cache-control: public,max-age=3600
age: 296
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 114
Cache-Control: max-age=96889
Date: Wed, 30 Nov 2022 06:13:53 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:08:42 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
GET / HTTP/1.1
Host: nhatngudht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

202.92.4.97
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
location: https://nhatngudht.com/
content-length: 0
date: Wed, 30 Nov 2022 06:13:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JxHQ3OIpImqDiarIdEMCPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

52.39.62.124
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ybBx235UQ/36aulk8AEKkB5zyrQ=

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "B26647EFE3FD3CB4249D15F975A14578C0E9032421B21E067F55CF4B3229338B"
Last-Modified: Tue, 29 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Wed, 30 Nov 2022 12:13:42 GMT
Date: Wed, 30 Nov 2022 06:13:53 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 06:13:54 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 06:13:54 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 06:13:54 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 06:13:54 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 29108
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7a6f598-362e-4a6c-ba04-330df636e33b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8498
x-amzn-requestid: f6b92060-88d4-49bd-b60e-94d99feca4e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYiBaGPOIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867d3c-331dacfb087d23881924eef9;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:44:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Zv5zu1q8h4GFU6agEcDzSVFYuvF74qu7UBnovs3vH5jpu17cmyxjQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:57:37 GMT
age: 29777
etag: "127ac68bac21c88ffc6e09cc6666e93de4746a1f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8498
Md5:    f3c7e8351884491aeab9323c004bc3f3
Sha1:   127ac68bac21c88ffc6e09cc6666e93de4746a1f
Sha256: e6fa04c502105c43c85c00d39481d2598c6d8fd56540e10107b6668c51597ae4
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11070
x-amzn-requestid: 3f342f57-8231-4ba9-9105-dd3fa43ca8d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsg9FNAoAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384279f-27e7956e0f3a694338951b8a;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:14:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhq6EXPP69HkKofiAAD5x6j9gVuLzO9qvcwBfYUMiBGR47Sdqccf_g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 05:01:59 GMT
age: 4315
etag: "9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11070
Md5:    4cc55889e6edaa76fa8c991914b5347b
Sha1:   9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a
Sha256: 3122c681063a6ee629f5516c433ea3cc65f771d3394df1d6c4b0a1cb91100831
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52cf4797-5177-4859-9523-faeb4e38f224.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9812
x-amzn-requestid: 70bfeb68-0703-44bf-8550-50c759d52d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDbFolIAMFYBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-73fb65ee2b9161372819207f;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QQCoNlJBSE2V-IQlZr37dhINTABRu3ms9Y1p4FweO36HD-U6m9vvwg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 30069
etag: "ce411cc5b0a37bbd89551d06d7d0349f45734e97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9812
Md5:    5c5277610f3a542571abb53ffb3d4df1
Sha1:   ce411cc5b0a37bbd89551d06d7d0349f45734e97
Sha256: 3bf1105631ef7fda0249a46390ca90f904ea73b0a4f017c2db85326550a80a3f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 29580
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    bbe350ea797a0fec5a19a450fc5de4b4
Sha1:   2f3a39a528d3b759060203931de33c12303592e1
Sha256: 4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6bad627-8bb4-4de1-a2da-92da8f9ec614.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7658
x-amzn-requestid: e729e5b6-0c92-4ed3-b449-4a30d5bb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEyEQSIAMFWsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1e-1bba7e9a2d15d66779b1896c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AuN9hTb4YydNZjvpnTGyE313wl-O3F_p4jC_NUSe8kr3RB_4AjOEMw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 29849
etag: "47aafca572d34f9726a0174ac902178556e581d8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7658
Md5:    536cd283dee06cf1ceb9e15e4850db92
Sha1:   47aafca572d34f9726a0174ac902178556e581d8
Sha256: 63a5acf87962da6656f828422545af0ccc0888f0a2a15ebd2160ffb3714e6241
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 92
Cache-Control: max-age=107672
Date: Wed, 30 Nov 2022 06:13:54 GMT
Etag: "6385f5de-117"
Expires: Thu, 01 Dec 2022 12:08:26 GMT
Last-Modified: Tue, 29 Nov 2022 12:06:54 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   848
Md5:    c962ba8e7d42ff9da18392b41dad5151
Sha1:   7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
Sha256: 322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   144
Md5:    fcbd239f30d9a6dd1f3637f291143d37
Sha1:   2871bf7d98af3f43e42f7fa32808048e7134fabf
Sha256: c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
                                        
                                            GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.16.2 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 27790
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   27790
Md5:    a4f9c943913a5352e8615fe406d9bc85
Sha1:   612cf964b79c96773fa45865ca37e94ad6110d0e
Sha256: de9f51a4e2a20f3ccafd9245a795e817d357e9fea584565db58267f1cf0bfcc9
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 93
Cache-Control: max-age=107672
Date: Wed, 30 Nov 2022 06:13:55 GMT
Etag: "6385f5de-117"
Expires: Thu, 01 Dec 2022 12:08:27 GMT
Last-Modified: Tue, 29 Nov 2022 12:06:54 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1512
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   1512
Md5:    2739d5d2dd558a6a4722e7eec02e355f
Sha1:   86dca057ee181c617b6ac9b865632bedd634146f
Sha256: 08dd459f23ffe56b4778b12f2ce37bfe0ade6c02ccd3b6e84326b126a32763f3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 156
Cache-Control: max-age=98347
Date: Wed, 30 Nov 2022 06:13:55 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 09:33:02 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 156
Cache-Control: max-age=98347
Date: Wed, 30 Nov 2022 06:13:55 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 09:33:02 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/uploads/2022/11/logo.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 27035
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 106, 8-bit/color RGBA, non-interlaced\012- data
Size:   27035
Md5:    f023645db1518a5ea0c83b2a439e263c
Sha1:   2b435e5378c5f820c7929947c0ab676a5b382ed8
Sha256: 893aaef1e30408cabaf1f1d4ae2f0c3e34c286ba3f35f864c33b42a04281470e
                                        
                                            GET /wp-content/uploads/2022/11/facebook-messenger.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 1140
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1140
Md5:    9a00f9c2e504788b3079e0ccddc69b92
Sha1:   8a3ff5e8457d06e4d7f3476c99f45a546ffae0ff
Sha256: 03248584f24c2d42d715e258792e5cc98e8a97b27ea983ce9765a4c6d6c72baf
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:54 GMT
last-modified: Thu, 24 Nov 2022 02:22:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   2817
Md5:    4317b1c024df372435f6482deadddeb3
Sha1:   5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
Sha256: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   3706
Md5:    dc6411bfa6891b75944f0074c945752d
Sha1:   03c1a8b686c287068c61ab90f58d905496d65085
Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2354
Md5:    4e773d7cec56bacab6d2db420be6f262
Sha1:   c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
Sha256: 5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
                                        
                                            GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 668
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1464)
Size:   668
Md5:    b57bb5f7f55be8837811df1bbfebd197
Sha1:   a9fd3372526724938daa13cba926cff79395cbae
Sha256: 26512154e931a4b5441386af49e0e6d93a298ec6ae9ce2088d292cba42d61c7c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.16.2 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4709
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13072)
Size:   4709
Md5:    e869ca7ada44ddb17c31f0600e7f34c2
Sha1:   5a391b86a5c8d5e747fc04de8374b64eccd3f96c
Sha256: 5abe1036749c10de32e5aa4e52b8fcda590a451db98b0b42886e779597fb9a5f
                                        
                                            GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=fcf0c1642621a86609ed4ca283f0db68 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16069
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (56924), with no line terminators
Size:   16069
Md5:    c52eaa5ca318a8fc522de1ced55feb6e
Sha1:   c498b4964eb06efe60180a7d57f6462b7710fa9e
Sha256: 91cb1331b7521e565b6d71ef15c14c14d12a0fb66a6448f42e13db0191fe2f71

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/flatsome/assets/libs/packery.pkgd.min.js?ver=3.16.2 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9218
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32047)
Size:   9218
Md5:    3cad9cc63b304755c17d36bdbc6602b2
Sha1:   79f63dcdbeb1173b2e6eb8e00edabd77cac7c8af
Sha256: f32ab751a81bb9788cc7efb4e4d9533df885de43a13b64b918d12afeaefe1131

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 14384
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 14384, version 1.1\012- data
Size:   14384
Md5:    c7ab406db23cf2d880297f07a0ae35d3
Sha1:   53c9df3243c24df8728a0dd5be3c9c82ab7a38af
Sha256: a9fdbefae33b742c5c1379fabbfa02d3491a9095ef762d8e23f135b66eefd7c9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu7GxMKTU1Kvnz.woff HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 10208
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 10208, version 1.1\012- data
Size:   10208
Md5:    c9b7ba0d80f18dbe20b30e88e1d09484
Sha1:   b7e2550f960bdab656aa64af9551db92cc955b0c
Sha256: c2b940863c2973c37f56c4a3a6dce49088137623a4fd3ab542a566663e5f766a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/11/Tai-Sao-Chon-Viet-Tri-MD-4.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 9936
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced\012- data
Size:   9936
Md5:    1bea74db8b3c7c61b45c4a87724f5885
Sha1:   fa50aa617dfcc9111e6f28e0c9157f050508dc33
Sha256: 81b7a2993c05e997dc1196439180f1565ef2c7ae877bd52bce5c25b6ec348543
                                        
                                            GET /wp-content/uploads/2022/11/Gioi-Thieu-Viet-Tri-MD1.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 94277
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 585 x 338, 8-bit colormap, non-interlaced\012- data
Size:   94277
Md5:    f6d7d46bb035736fe9e170681cb8a8ae
Sha1:   48f79574fbae2a7e416d94d335cb377903c8955d
Sha256: a8c1a8e768332a14b8b1a3caca2dd9405411522c1d1172823ba4f076f118775b
                                        
                                            GET /wp-content/uploads/2022/11/Tai-Sao-Chon-Viet-Tri-MD-2.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 9418
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced\012- data
Size:   9418
Md5:    3788ffb465c011bc1abf89210a3a7702
Sha1:   1a01c364f3e673ebc0a92dd5ed5595ab5920b0b7
Sha256: 6e06a61091a2649c54914f23dd58e68bfdd64a802359a8e349486b8f426bc1d8
                                        
                                            GET /wp-content/uploads/2022/11/Tai-Sao-Chon-Viet-Tri-MD-3.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 7650
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced\012- data
Size:   7650
Md5:    9e85462df18f757e7ddc606d8bb13888
Sha1:   07fbe898fe76003069790d2742211562c433421f
Sha256: 1e913704d67208133ef89a67e227649b142760915fe5bdd6a683148288703bc7
                                        
                                            GET /wp-content/uploads/2022/11/Tai-Sao-Chon-Viet-Tri-MD-1.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 8497
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced\012- data
Size:   8497
Md5:    9198c3f94128a3019a8ef4197305c5cc
Sha1:   e4a631c4885d1385d6c182ebc27d39daf2c2ecc8
Sha256: df15cdcc6d79fd4943c487cfbaf3c16b6a135fc01aebf63fe7386620b5e69194
                                        
                                            GET /wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fChc-AMP6lbBP.woff HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 10184
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 10184, version 1.1\012- data
Size:   10184
Md5:    62dab7c7314bf28fa5eccb61ccba5fb3
Sha1:   39470907ba8cb5868b316c710744b54d9804024a
Sha256: a303676a0a89cba41d9cee6e5324a216fae654cce74e42345b77c85e2921180e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc-AMP6lQ.woff HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 14424
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 14424, version 1.1\012- data
Size:   14424
Md5:    ad4c3ac03977ab2f8f577be1d51e7e40
Sha1:   9938c0a0bc7d1a0cc7bbb0818c34475c4edc267e
Sha256: 3ac31048383d43b9dde380b77a988381c4b185edc01509680056b4871a1b0166

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu7WxMKTU1Kvnz.woff HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: font/woff
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 4752
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 4752, version 1.1\012- data
Size:   4752
Md5:    08a0a460f57b4d4bf3e90e5047be8039
Sha1:   85a13eb09db35619c525b87a461e5ae0a5061af9
Sha256: d2390f1ad8902a7e7b0be990e71dc85092e74b49aca502cd86898c8787e52e2a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.16.2 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: font/woff2
                                        
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:51 GMT
accept-ranges: bytes
content-length: 7068
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7068, version 1.0\012- data
Size:   7068
Md5:    48c36cf085b90e204ed78cf3b5925098
Sha1:   8708b0fff49904b989ea4d62291957dd827dd254
Sha256: 8bdd2549e2df32257d86d141069f086600680d6132d18143617f0289d8926414

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/11/Bg-Footerv2.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 546933
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1900 x 1981, 8-bit/color RGB, non-interlaced\012- data
Size:   546933
Md5:    4b9cf363b48c136e9dba1e9ae82a5aaa
Sha1:   e6571404a834e6657bb15b012b181c5f79d20410
Sha256: d78928f3cb14e97877c4dbed5447f30da8b5b401c50a8fe36d860bade81c539e
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15983
Md5:    f5f4c88b4e63e2afd442dac062e85086
Sha1:   6f0a2e66faa0ab2012adb84c4626799cf8fbfc3b
Sha256: e76737b11eeda09ed324cf02be7ccfdb451351017f14cfe555e52d6026268ddb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/11/truong-nhat-ngu-igl.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 22572
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 278 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   22572
Md5:    03ead05cbd70b4dd8db087e248eabeec
Sha1:   116e3ae1ccd76329cc5f456e2148f6aa3d57597e
Sha256: 42b0e97da114a2867311b4afbd43d690fb186f40ed1edbdfeb2896b197f1f4dd
                                        
                                            GET /wp-content/uploads/2022/11/truong-nhat-ngu-an-language-school.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 12522
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 278 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   12522
Md5:    014ecef32797f3d280324fceee980318
Sha1:   931726ff826dcdaab8e21d1af6ffd0cbe29d8e02
Sha256: e7a736df753bb110f9b09eb50c0e1930f0a497d45a21dc0ca961113755f4d473
                                        
                                            GET /wp-content/uploads/2022/11/nhat-ngu-osaka-1.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 22761
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 278 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   22761
Md5:    d8e33e4c9f960c5d875e5eca374bd3ed
Sha1:   1a3e86253d37694c4c4b2243ceae98522df29daf
Sha256: e49cf9345b013cf45531413fa5b404f78c479092f74a45cd960ba049198eaef4
                                        
                                            GET /wp-content/uploads/2022/11/fpt-japan-1.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 7858
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 278 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   7858
Md5:    527c247c6a8bcc26b934ab22b2774391
Sha1:   6e0fc6957722088ebb13b3dc8ff585e7257a5d95
Sha256: f596823145019a486b40395eb5fac57805d824eb92d431faeb0f06423fa58583
                                        
                                            GET /wp-content/uploads/2022/11/first-study-1.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 33635
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 278 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   33635
Md5:    887e57a2828193e39ab04126c95407e7
Sha1:   3d1c25d05e0a16735a9674c216512f54a2c1bc78
Sha256: 8676a19a7a70e4354e718fbf1316ec8fec9e7fcde0d01c2c65c0f0de61b95c6b
                                        
                                            GET /wp-content/uploads/2022/11/fpt-japan.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 7858
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 278 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size:   7858
Md5:    527c247c6a8bcc26b934ab22b2774391
Sha1:   6e0fc6957722088ebb13b3dc8ff585e7257a5d95
Sha256: f596823145019a486b40395eb5fac57805d824eb92d431faeb0f06423fa58583
                                        
                                            GET /wp-content/themes/flatsome/assets/js/chunk.vendors-slider.js?ver=3.16.2 HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: max-age=3600, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:51 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12785
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (49588), with no line terminators
Size:   12785
Md5:    06915008b0f2e575d10cc215e3c5a3b7
Sha1:   6828e401e454549bf4071749daec598f285e8045
Sha256: 9fed2267f7a1ed36f8ef75a4bbcf0f83082eb25ddee215352707030da85f999a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-json/contact-form-7/v1/contact-forms/16/feedback/schema HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nhatngudht.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
x-robots-tag: noindex
link: <https://nhatngudht.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding
content-length: 159
content-encoding: br
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (308), with no line terminators
Size:   159
Md5:    ed34b9116e79e30fea7f4f3fb9f9ff41
Sha1:   be76ae44497d1d23a348b1bfa09392fe65e0033e
Sha256: 2556f2e8d4a6052ac6da25bd40b5fe7268d7a7b306d4cc3502512732145c79a4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-json/contact-form-7/v1/contact-forms/14/feedback/schema HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nhatngudht.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
x-powered-by: PHP/7.4.33
x-robots-tag: noindex
link: <https://nhatngudht.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding
content-length: 152
content-encoding: br
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   152
Md5:    70059d192c6e5f80036442af89232f6d
Sha1:   d2d4eba7fe7ef6afd347b6611dcc17734123a168
Sha256: 84b72de07a4de66b617d6b3441a5926eb2d68081f18f98228cb991645b1d3b83

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2022/11/Bg-Thu-Vien-Anh-Video1.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 39204
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1899 x 688, 8-bit/color RGB, non-interlaced\012- data
Size:   39204
Md5:    cab7c9839a72372ac9541d339a1eeeec
Sha1:   526765f15a45687ed4f43ffdc7b7f12f615e3c15
Sha256: cf27e8efa6f1fd753ca52618921aa5035fcec82b1a8010bea496ccf1deb37d02
                                        
                                            GET /wp-content/uploads/2022/11/Slide.jpg HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:55 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 233777
date: Wed, 30 Nov 2022 06:13:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x737, components 3\012- data
Size:   233777
Md5:    bedc7428b492519b3840b538fe9c9da9
Sha1:   33cb80428a7e11802431dba41fb76d8b31ff53b2
Sha256: ca8fb4bf191839817bf6ce4f99f528a909c12af2f849afae99861a527377f30c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6E311F7434BFB48F289ED03F6903AD21F566FDC84DADD4112D6EA0E26B432A80"
Last-Modified: Tue, 29 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Wed, 30 Nov 2022 12:13:54 GMT
Date: Wed, 30 Nov 2022 06:13:56 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2022/11/Album-Nhat-Ban.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 398095
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 307, 8-bit/color RGBA, non-interlaced\012- data
Size:   398095
Md5:    75d5e4695df31f6bde01b3e568cc876a
Sha1:   c5a2182136240a474c200d686dead1b48acb4577
Sha256: 3e65f4771032c137fc7c6bb1a6cff727034fcddf9366937050f0fd950f285e85
                                        
                                            GET /wp-content/uploads/2022/11/Dia-Diem-Du-Hoc-Nhat-Ban.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 216218
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 384 x 230, 8-bit/color RGBA, non-interlaced\012- data
Size:   216218
Md5:    af5e7e2dbc65ec1b433eb33fa9eb08e6
Sha1:   b6a650fd2ef4482cd437968203f1c8f906c46925
Sha256: 67ee5d5dba3041c7aba6d2a0bfee373ba58d08cc2b48b2a08fe84e05502b98b5
                                        
                                            GET /wp-content/uploads/2022/11/bg-contact-form-min.png HTTP/1.1 
Host: duhocnhatban.vmweb.vn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         202.92.4.97
HTTP/1.1 200 OK
content-type: image/png
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Tue, 22 Nov 2022 05:43:41 GMT
accept-ranges: bytes
content-length: 17257
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 951 x 681, 8-bit/color RGB, non-interlaced\012- data
Size:   17257
Md5:    e1e2403479f349284eaa94610cd5fcb1
Sha1:   d19743d7bc40b3b1fe81eabaaaad1ac3ad155200
Sha256: 1b0f672c54ab5ae27ee5cf00a1f07c79d463c1220920894b7093074ce16e617b
                                        
                                            GET /wp-content/uploads/2022/11/Nhat-Ban-Dat-Nuoc-Mat-Troi-Moc.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 158731
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 384 x 230, 8-bit/color RGBA, non-interlaced\012- data
Size:   158731
Md5:    99db4d9a590e16e859c8a0cc106b6891
Sha1:   0ad1c9788c0a3fcf49b46cf38b7310bca73c537b
Sha256: 2ab256d9aae807d9f4a94a5a7d2f51997f83d795c0f0863e68431d7f46a2404f
                                        
                                            GET /wp-content/uploads/2022/11/Van-Hoa-Nhat-Ban.png HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 236005
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 384 x 230, 8-bit/color RGBA, non-interlaced\012- data
Size:   236005
Md5:    b12aee58ac3e89a01e7980b96a53c8d6
Sha1:   30a97cfb9fa18af0535acc7d319eea6e5219fec3
Sha256: 204f62dddffd9142ce500f4161f89009d83a4b82f8a2030283881cf17d256ec3
                                        
                                            GET /wp-content/uploads/2015/11/Khai-niem-du-hoc-nhat-ban-la-gi1-280x280.jpg HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 16834
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 280x280, components 3\012- data
Size:   16834
Md5:    50dd6dcbe69089021ba96045c9a82f3c
Sha1:   ff7f3e40772ca8a759816b7db56dbb34b5990bad
Sha256: 6c2ec9384deff6b0877333314ce888c5b52f65e504b5e1b23c3b5c52f3663f60
                                        
                                            GET /wp-content/uploads/2015/10/Du-hoc-Nhat-he-vua-hoc-vua-lam1-280x280.jpg HTTP/1.1 
Host: nhatngudht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         202.92.4.97
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 20671
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 280x280, components 3\012- data
Size:   20671
Md5:    9121e0235cc9539a7951f83887454b66
Sha1:   7aad808132a9fda00cb916135c19df547a6bf2a9
Sha256: 374df13e76614c4a623256413edee1516705f1bad5187e2f77128b2c6a953637
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "4D8256FFDEF930689F2F35B6DAD61BB4749EC5A610AEDE34D962814E50EF8A87"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 30 Nov 2022 12:13:56 GMT
Date: Wed, 30 Nov 2022 06:13:56 GMT
Connection: keep-alive

                                        
GET /wp-content/uploads/2015/10/Nen-di-du-hoc-Han-Quoc-hay-Nhat-Ban1-280x280.png HTTP/1.1
Host: nhatngudht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

202.92.4.97
HTTP/2 200 OK
content-type: image/png
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 42490
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size:   42490
Md5:    bd69b06c737dce8cc979adeda0e8b03a
Sha1:   06981cb2dd68ceaa8680338329127cada9165e86
Sha256: b6ced441ec44399e9102698435322b4fa4214409810a479048d5137200fc73ae
                                        
GET /wp-content/uploads/2022/11/Du-hoc-nhat-ban-tu-tuc11.png HTTP/1.1
Host: nhatngudht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

202.92.4.97
HTTP/2 200 OK
content-type: image/png
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 300689
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 900 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size:   300689
Md5:    866214e5129cb34ee1d954cb518ea12e
Sha1:   b786db42e0aef571471dcb160d848a1521b67ce4
Sha256: f25870a7da2a1e90e4c6ae1f0d4f667dd5b3aba68d125c5899ffddafa7ccd4fd
                                        
GET /wp-content/fonts/roboto/KFOlCnqEu92Fr1MmEU9fCxc-AMP6lbBP.woff HTTP/1.1
Host: nhatngudht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

202.92.4.97
HTTP/2 200 OK
content-type: font/woff
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:53 GMT
accept-ranges: bytes
content-length: 4728
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 4728, version 1.1\012- data
Size:   4728
Md5:    8d5980bfc50f0d5cb683f3e899a4f7c3
Sha1:   5bbd347c3d8449e3a3d60a147b971986551b36e9
Sha256: 7899e6a59497bd74ecd8087bee209dbf099e0bd973e0440be20cacb8a7940741

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /wp-content/uploads/2022/11/cropped-logo-32x32.png HTTP/1.1
Host: nhatngudht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

202.92.4.97
HTTP/2 200 OK
content-type: image/png
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 2417
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   2417
Md5:    8df8030ab1df42e0ed1ac8ae67c72710
Sha1:   739ce77c22353de72667e680581fa13f9b9cd21b
Sha256: f458efe77c43c5f1895876d73ac860239b1bef43e3dea8b98e2a5a1b25bb9033
                                        
GET /wp-content/uploads/2022/11/cropped-logo-192x192.png HTTP/1.1
Host: nhatngudht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

202.92.4.97
HTTP/2 200 OK
content-type: image/png
cache-control: max-age=2629000, public
expires: Wed, 07 Dec 2022 06:13:56 GMT
last-modified: Thu, 24 Nov 2022 02:22:52 GMT
accept-ranges: bytes
content-length: 35859
date: Wed, 30 Nov 2022 06:13:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   35859
Md5:    82c2625f2fb18754302ef7e9a6b5c02a
Sha1:   b81cbe63f76cf5de0d95d2c327331d2451ae7809
Sha256: a7a16d8c78475690dc7d2d9b706b4bb80513a6a94aab798dbafcd26ff244824d
                                        
GET / HTTP/1.1
Host: nhatngudht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

202.92.4.97
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
link: <https://nhatngudht.com/wp-json/>; rel="https://api.w.org/", <https://nhatngudht.com/wp-json/wp/v2/pages/99>; rel="alternate"; type="application/json", <https://nhatngudht.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 06:13:54 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6275)
Size:   325751
Md5:    a5cf198a8445b4380d3db34a82ad9c9e
Sha1:   c523d0b0bf73addbc1331ec61b0165abefba1b2e
Sha256: 996de7b8d8e01548e3243f8330207090aaf720c0b2a60da8c89c9a30a15fb75b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vOFoi7vW7NluI5wQB03BGh9efp_jvCoH1sUh4s1ubG_JAC6KcDkHxg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:15:52 GMT
age: 28689
etag: "05f46985ea4ace57460120876da8e19db08857b3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8885
Md5:    8825a2c5c0d98323f489e0b816b7f1d8
Sha1:   05f46985ea4ace57460120876da8e19db08857b3
Sha256: 1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1
                                        
GET /1ad2a7dd98.js?ver=1.0.0 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

172.64.133.15
HTTP/2 200 OK
content-type: text/javascript
date: Wed, 30 Nov 2022 06:13:55 GMT
x-amz-id-2: cqrz2iRlO7F3Yi3WXt2GrjJy1rOaIQzm0gebXatc8NrcOj/LrxaVmdfX2maBl2V0K2K1OtNHxP/P7J42yQUZpg==
x-amz-request-id: S6TAHFZGJHYBBX04
last-modified: Wed, 30 Jun 2021 17:11:21 GMT
etag: W/"d7ecba6b1c0d76b2bd9a0afc832e0f51"
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlCjvefQAHmp7glgIMQBv%2Bo1b6b6bdhCesiqxN6%2BD6UnJPjVDjULUnoH8XetU4WYf04FpSMXAiutHAM4QFpBomze3ZqCgFU5e6ZXhRPFPy4veY1O2oEU5m6xrk2eML%2Fb99mBfqAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7721709a18ce74d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvmweb.vn&tabs&width=340&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=367595494308342 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nhatngudht.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
x-fb-debug: FTlPi9VpLf6QERwg/GcB3fZZBbvGaB8eSbVjRWgCdx0EiFxwMagU06J6Ehff8B6pScLqG9OxFrZrGDkTOVTmpA==
date: Wed, 30 Nov 2022 06:13:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---