r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4434
Expires: Fri, 02 Dec 2022 08:29:30 GMT
Date: Fri, 02 Dec 2022 07:15:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5075
Cache-Control: max-age=103211
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:15:36 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:55:47 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2174
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 07:15:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 06:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3445
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: V+zIgpfLcb/B8GJHVoft4en10a2CQX2pUnXaQbuYGPg9l99TGnsP/VRZQvqPsZNcyDgUzOjWULWrIyraeNO+fg==
x-amz-request-id: 9G2R535HQS60R1M1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 06:46:00 GMT
age: 1776
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:15:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 07:08:57 GMT
cache-control: public,max-age=3600
age: 399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5065
Cache-Control: max-age=98138
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:15:36 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:31:14 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.35.180 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8WiMC3DNUlOqazSGW77qcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rVz/zgZTagTxU6bsLE8pnKt6ZI8=
fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
142.250.74.106 200 OK 519 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP 142.250.74.106:0
Hash 5be1a2626960b84069757e72929351f6
5b7dd08d654cca2b037e85731ed5135f0d2cc0be
0adb8ab3cfff2b21e30c6a13ab6fcb4d82f5ac6ac4dbaf24ab4608e6f0d76242
GET /css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 07:15:37 GMT
Date: Fri, 02 Dec 2022 07:15:37 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
nimh.gov.vn/
103.124.92.130 200 OK 14 kB IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 04c1ca6c9ce413b3ddde4b93f89f5037
6d48c63f67fa08c0905e89c2e295b154277046ea
5c5f84cd3d5ebe3c21d9a64108fe9a6fc7f9c25c63faf7bfe093051f49476f76
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:33 GMT
Server: Apache/2
X-Powered-By: PHP/7.2.17
Link: <http://nimh.gov.vn/wp-json/>; rel="https://api.w.org/", <http://nimh.gov.vn/wp-json/wp/v2/pages/99>; rel="alternate"; type="application/json", <http://nimh.gov.vn/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14545
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8
nimh.gov.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
103.124.92.130 200 OK 12 kB URL HTTP/1.1 nimh.gov.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:34 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Nov 2022 19:44:37 GMT
ETag: "172a9-5ed87960f5b70-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12518
Keep-Alive: timeout=2, max=100
Content-Type: text/css
nimh.gov.vn/contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12
103.124.92.130 200 OK 161 B URL HTTP/1.1 nimh.gov.vn/contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (327)
Hash b99e67fe7419c667a1d0236a1823a1f6
6e8bf1cbcac35ea75637be52099b2de73dba7c7d
38be94774abf0e8cfe78738ff13d9c6323f92fc4df3acbb6423a8d44f64a66b7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 09:11:57 GMT
ETag: "148-5b9a1d036e8f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 161
Keep-Alive: timeout=2, max=100
Content-Type: text/css
nimh.gov.vn/contents/plugins/custom-wp-login//lib/css/min/yikes-custom-login-public.min.css?ver=1.2.2
103.124.92.130 200 OK 2.0 kB URL HTTP/1.1 nimh.gov.vn/contents/plugins/custom-wp-login//lib/css/min/yikes-custom-login-public.min.css?ver=1.2.2
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (7754), with no line terminators
Hash 907c2312fb0243dc6a76c6af92fa6ed5
675c09c841da212aaf276dc7a421bb583c6ad8e8
7628ab3cec1959c8475bbabe16d088c929119db09651bb7d0399031906439d85
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/plugins/custom-wp-login//lib/css/min/yikes-custom-login-public.min.css?ver=1.2.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 26 Jan 2021 03:49:14 GMT
ETag: "1e4a-5b9c589ca2ed0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1993
Keep-Alive: timeout=2, max=100
Content-Type: text/css
nimh.gov.vn/contents/themes/vientamthan/style.css?ver=3.0
103.124.92.130 200 OK 213 B URL HTTP/1.1 nimh.gov.vn/contents/themes/vientamthan/style.css?ver=3.0
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
Hash be6aabf2188a220567ed33335088472f
2b4da1280a371c5716b682070febb7cdd21907e0
98f6dcfd604032fb9304e52fdb067d56bc234ecc1ed3afd70c9ab32fc3212c96
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/themes/vientamthan/style.css?ver=3.0 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 09:19:37 GMT
ETag: "12c-5b9a1eba0f608-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 213
Keep-Alive: timeout=2, max=100
Content-Type: text/css
nimh.gov.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.124.92.130 200 OK 4.2 kB URL HTTP/1.1 nimh.gov.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Sat, 23 Jan 2021 09:26:55 GMT
ETag: "2bd8-5b98de7e341d8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nimh.gov.vn/contents/themes/flatsome/assets/css/flatsome.css?ver=3.12.2
103.124.92.130 200 OK 29 kB URL HTTP/1.1 nimh.gov.vn/contents/themes/flatsome/assets/css/flatsome.css?ver=3.12.2
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4b6e6ff7be362ed6cabcb16fb426536a
f069a2ecad3a03e93af9345d1ede74617df58757
49a0b4f3ef9d56761e60c32b48381baf63c2db5eab93ace6db9eb56134125ee3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/themes/flatsome/assets/css/flatsome.css?ver=3.12.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 09:11:59 GMT
ETag: "23a2b-5b9a1d054d130-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28881
Keep-Alive: timeout=2, max=100
Content-Type: text/css
nimh.gov.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
103.124.92.130 200 OK 2.5 kB URL HTTP/1.1 nimh.gov.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 24 May 2022 19:45:29 GMT
ETag: "194b-5dfc732ef0b30-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2457
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript
nimh.gov.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.124.92.130 200 OK 6.5 kB URL HTTP/1.1 nimh.gov.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 287748e15cc4a588d0df39da369d9035
b02e10a775f9d6ab54d448acffbc9253e2d9bfb9
742f6e950eecbeaf0c308f5d3877e48d6d57d48b7f8bd458d81875feb4b58654
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Wed, 02 Nov 2022 07:44:05 GMT
ETag: "459f-5ec780143f1f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6532
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nimh.gov.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
103.124.92.130 200 OK 31 kB URL HTTP/1.1 nimh.gov.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Wed, 02 Nov 2022 07:44:05 GMT
ETag: "15e54-5ec780144a988-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30995
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nimh.gov.vn/contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
103.124.92.130 200 OK 4.0 kB URL HTTP/1.1 nimh.gov.vn/contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (13485), with no line terminators
Hash e5986e8389d6200fabba7f773c5fb069
1ea165e18c005bdc213d67c961bab0a8a767c640
2432c0c86ce1e08a1b2039669534d965c4ad9cdeafe5c32c03d4a588f2644d04
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Fri, 25 Jun 2021 02:03:30 GMT
ETag: "34ad-5c58d8bd96c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4004
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 86129
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:55:34 GMT
age: 33604
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 33723
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 84747
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 34007
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 33942
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nimh.gov.vn/contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2
103.124.92.130 200 OK 5.1 kB URL HTTP/1.1 nimh.gov.vn/contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (12801)
Hash c6f36881e478d749d49956a0ac121d1e
515be595d70805e7f9a3099c75fa40e9c9edc131
5ced2bca148339c2dfd7efb910eca401b02734bada4b12060cd129b2b1afa034
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:16:34 GMT
ETag: "3e04-5b9a1e0b6a260-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5106
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nimh.gov.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
103.124.92.130 200 OK 706 B URL HTTP/1.1 nimh.gov.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (1464)
Hash e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Tue, 24 May 2022 19:45:29 GMT
ETag: "5db-5dfc732f10700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 706
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nimh.gov.vn/wp-includes/css/classic-themes.min.css?ver=1
103.124.92.130 200 OK 189 B URL HTTP/1.1 nimh.gov.vn/wp-includes/css/classic-themes.min.css?ver=1
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Wed, 02 Nov 2022 07:44:04 GMT
ETag: "d9-5ec78014374f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
nimh.gov.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
103.124.92.130 200 OK 5.0 kB URL HTTP/1.1 nimh.gov.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Tue, 24 May 2022 19:45:29 GMT
ETag: "48b9-5dfc732f14198-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5009
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nimh.gov.vn/contents/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
103.124.92.130 200 OK 932 B URL HTTP/1.1 nimh.gov.vn/contents/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
Hash b1eb322499f2dbc18499a9a46edd88fd
47213d17cb0eb45bd12ede49ee77e6c384b3664a
e3ec4292fd6b24707fe8b93f5d423120dcbc25aa702e7d434749910f947e4060
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Fri, 25 Jun 2021 02:03:30 GMT
ETag: "a50-5c58d8bd94d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 932
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
142.250.74.163 200 OK 5.4 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5368, version 1.0\012- data
Hash a48b0f049358d7503c497abb4dcbc4d6
d764e136ada1fba8ec4d99994b179d984d7983b8
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 5368
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 19:38:08 GMT
Expires: Wed, 29 Nov 2023 19:38:08 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:56:40 GMT
Content-Type: font/woff2
Age: 214650
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2
142.250.74.163 200 OK 5.5 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5472, version 1.0\012- data
Hash 4bde07f991ba6af69a1e009fd7ce9d1a
ed53e9f8967142ea4aa2fd113f696799319d91b2
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
GET /s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 5472
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 11:42:04 GMT
Expires: Wed, 29 Nov 2023 11:42:04 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:50:06 GMT
Content-Type: font/woff2
Age: 243214
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163 200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:20:54 GMT
Expires: Wed, 29 Nov 2023 18:20:54 GMT
Cache-Control: public, max-age=31536000
Age: 219284
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163 200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:29:30 GMT
Expires: Wed, 29 Nov 2023 17:29:30 GMT
Cache-Control: public, max-age=31536000
Age: 222368
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
nimh.gov.vn/contents/uploads/2021/01/logo-1.png
103.124.92.130 200 OK 24 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/logo-1.png
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 9643cc6b32e3c7dbbdf3a3e3bfc2e4d6
34933e31c8b2ba2e7be6aa257340c2d24d75cf35
6ac2a6b596d77b772ffb41176c155dd4a9413216c33d835e1d22fc41a34e636a
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/logo-1.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Tue, 26 Jan 2021 03:50:51 GMT
ETag: "5f33-5b9c58f8a7140"
Accept-Ranges: bytes
Content-Length: 24371
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png
nimh.gov.vn/contents/themes/flatsome/assets/css/icons/fl-icons.woff2
103.124.92.130 200 OK 6.5 kB URL HTTP/1.1 nimh.gov.vn/contents/themes/flatsome/assets/css/icons/fl-icons.woff2
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type Web Open Font Format (Version 2), TrueType, length 6536, version 1.0\012- data
Hash 21c4c69602dadee988f10c502b44d1c1
7d28ed1775492300f859296ef85ce371c26a6ff3
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nimh.gov.vn/contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:11:57 GMT
ETag: "1988-5b9a1d03988d0"
Accept-Ranges: bytes
Content-Length: 6536
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
nimh.gov.vn/contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2
103.124.92.130 200 OK 50 kB URL HTTP/1.1 nimh.gov.vn/contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type ASCII text, with very long lines (19155)
Hash 42d395efd612e1328204cf52c8a88790
e6802e1a3432a9dce711c686fd74df0dc8a6ba31
0e6794e09c6ef8a68520d0855ad68fa05d88d77652c7a8df512a73d23bb97f49
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:12:10 GMT
ETag: "2a4c3-5b9a1d0fadd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 50298
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nimh.gov.vn/contents/uploads/2021/01/OIP-3.jpg
103.124.92.130 200 OK 18 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/OIP-3.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x315, components 3\012- data
Hash d4407b0634d945cb84cd924b2d6f0096
ff4949904563baa7d956437761e43381e0f6d2dc
3c0126ce596fa5166ff41dfcae55957267df54ae78a2cb1bb4cf70e9b9d1a237
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/OIP-3.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:15 GMT
ETag: "448b-5b9a1f176bc48"
Accept-Ranges: bytes
Content-Length: 17547
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/download.jpg
103.124.92.130 200 OK 55 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/download.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 690x447, components 3\012- data
Hash 2ff2607cd18ae8416a5af3bef5ff8dc1
95c78aede81f1227ec45370a03e59fdf33128104
486ccda157b2cd55ff0b16c3dd1c822d8795dc26519c6efccbd05f6db1fd9d49
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/download.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:35 GMT
ETag: "d623-5b9a1ef129558"
Accept-Ranges: bytes
Content-Length: 54819
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1-1.jpg
103.124.92.130 200 OK 53 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1-1.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 474x315, components 3\012- data
Hash b4abf6f45c7dd12851765cf409c3089c
d0dd02c6d52d4f43d21d9eb26b7c96f106ab8eec
3e17f880cbf4ddb65dc677fb3a6b102bfc72c64c9b125ce2197c9334c2d104d5
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:23 GMT
ETag: "ce59-5b9a1f1e99e70"
Accept-Ranges: bytes
Content-Length: 52825
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/benh_vien_bach_mai.jpg
103.124.92.130 200 OK 117 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/benh_vien_bach_mai.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 690x447, components 3\012- data
Size 117 kB (117124 bytes)
Hash 47afae1f2b8fb2c565064274d694c4ea
41a70120f54cd2abdbde1646ff403f74356c719a
5c03f74e98a5e180e52ae24bc0f7515886e68171f5f509c055d09ccd626f22d2
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/benh_vien_bach_mai.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:03 GMT
ETag: "1c984-5b9a1ed2966e0"
Accept-Ranges: bytes
Content-Length: 117124
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/OIP-4-1.jpg
103.124.92.130 200 OK 45 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/OIP-4-1.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, orientation=upper-left], baseline, precision 8, 474x315, components 3\012- data
Hash f0d15e26592b2973b631e0509c50c39b
495ea8813034d34a6f69ebe2227c1da33f4591d5
6f78a9b15825defd7d4b95075d931828ada778aa8e5608421894e2d05b5d1c47
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/OIP-4-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:16 GMT
ETag: "b11a-5b9a1f17e9800"
Accept-Ranges: bytes
Content-Length: 45338
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1.jpg
103.124.92.130 200 OK 21 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 660x330, components 3\012- data
Hash d5177cff568f5a901e8d3bfe1471e3bf
043e92249e3c3f755a576a523165a694b1db3a0c
5a3896e8c4fdb69dbc485281182d28172375030954dffeaa4aaf216804cc2732
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:23 GMT
ETag: "52f7-5b9a1f1f04978"
Accept-Ranges: bytes
Content-Length: 21239
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/so-do-to-chuc-khoa-kham-benh-benh-vien-bach-mai-1006.jpg
103.124.92.130 200 OK 192 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/so-do-to-chuc-khoa-kham-benh-benh-vien-bach-mai-1006.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 690x447, components 3\012- data
Size 192 kB (191679 bytes)
Hash 1aa1a1207fedc2812893d8718ef3280e
71f50eafa13748fd1499d3f0f2f532826b6ab601
e541ffee748d0e7acf3e4352a230ecfdc51389a25ecd67f8d429d69079552a23
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/so-do-to-chuc-khoa-kham-benh-benh-vien-bach-mai-1006.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:24 GMT
ETag: "2ecbf-5b9a1f1fbda68"
Accept-Ranges: bytes
Content-Length: 191679
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/OIP-4.jpg
103.124.92.130 200 OK 19 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/OIP-4.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x320, components 3\012- data
Hash 01608d4a39a3c4eee96021f6cd8c5d03
124b8ffe5f9ee7f8d469627a9b9d71c9e90f67ff
f1003204ec356f5c5ad1ed41d7624770fd5f0b64f007b981801e822dfb3eb67d
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/OIP-4.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:16 GMT
ETag: "4b5e-5b9a1f18304d0"
Accept-Ranges: bytes
Content-Length: 19294
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/OIP-1.jpg
103.124.92.130 200 OK 13 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/OIP-1.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x316, components 3\012- data
Hash fe02d5f384469a781b31eed2a7419342
7509f6a05cf4c6fd8565a70c3bf39b11e2e6d590
d0aca7e060b722f9dda6b0844c1bd4bbddfcba80e7f6123667ce858d5e8dd0fc
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/OIP-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:13 GMT
ETag: "3284-5b9a1f155f1c0"
Accept-Ranges: bytes
Content-Length: 12932
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/IMG-7577_1-1079x800.jpg
103.124.92.130 200 OK 179 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/IMG-7577_1-1079x800.jpg
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=Apple, model=iPhone 7 Plus, xresolution=130, yresolution=138, resolutionunit=2, software=Adobe Photoshop Camera Raw 7.0 (Windows), datetime=2019:06:17 21:16:48], baseline, precision 8, 1079x800, components 3\012- data
Size 179 kB (179391 bytes)
Hash f22da4daca3702a7e0eda42c73dabf98
8baea847111e572abafb2bb0a8725cb61fe09708
6db67a66d165d0192dcaf42c5436175b25b0b9ea50c1201869feb2e117fef22d
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/IMG-7577_1-1079x800.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:46 GMT
ETag: "2bcbf-5b9a1efb99f10"
Accept-Ranges: bytes
Content-Length: 179391
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
nimh.gov.vn/contents/uploads/2021/01/phong-chuc-nang-la-gi.png
103.124.92.130 200 OK 125 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/phong-chuc-nang-la-gi.png
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type PNG image data, 690 x 447, 8-bit/color RGBA, non-interlaced\012- data
Size 125 kB (124819 bytes)
Hash 060792b360ea84ca6110f5be3390c44b
5e495b86d152a549dbb42ef89e0ad1e34d1585d5
60bcb873dadc3363b597d1612bf8b6dc2cc0375b8fd112beb940aa9ee806c3a4
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/phong-chuc-nang-la-gi.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:37 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:19 GMT
ETag: "1e793-5b9a1f1b12950"
Accept-Ranges: bytes
Content-Length: 124819
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/png
nimh.gov.vn/contents/uploads/2021/01/cropped-logo-32x32.png
103.124.92.130 200 OK 2.9 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/cropped-logo-32x32.png
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f43f1189fe5e0d7d8ce3c38d06f0959
3e75d37a74374c176eacb84b743942e0d94c83a4
89286d8cc4ecab30c4eca6efc9b4fc1a56e359c4e6bdc134a995c240b36d19b6
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/cropped-logo-32x32.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:37 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:04 GMT
ETag: "b85-5b9a1ed3e4a88"
Accept-Ranges: bytes
Content-Length: 2949
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/png
nimh.gov.vn/contents/uploads/2021/01/cropped-logo-192x192.png
103.124.92.130 200 OK 61 kB URL HTTP/1.1 nimh.gov.vn/contents/uploads/2021/01/cropped-logo-192x192.png
IP 103.124.92.130:0
ASN #131353 NhanHoa Software company
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cdf743d5cf4396524eab876cb376160
7d4ec850705aeb57b3adb0269421733c8ab496fc
89c531376b54bfe0051796e69ccdf0aa35093ecff13f33793750ecc4796bfb88
Analyzer Verdict Alert quad9 Sinkholed
GET /contents/uploads/2021/01/cropped-logo-192x192.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:37 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:04 GMT
ETag: "edb9-5b9a1ed389980"
Accept-Ranges: bytes
Content-Length: 60857
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 34006
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2