Report - nimh.gov.vn/

Report Overview

Submitted URL
nimh.gov.vn/
IP
103.124.92.130
ASN
#131353 NhanHoa Software company
Submitted
2022-12-02 07:15:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
92

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.189.35.180
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	53 kB	34.120.237.76
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	60 kB	142.250.74.163
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	1.1 kB	142.250.74.106
nimh.gov.vn	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	1.1 MB	103.124.92.130

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	nimh.gov.vn/	Phishing
2022-12-02	medium	nimh.gov.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2022-12-02	medium	nimh.gov.vn/contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12	Phishing
2022-12-02	medium	nimh.gov.vn/contents/plugins/custom-wp-login//lib/css/min/yikes-custom-login-public.min.css?ver=1.2.2	Phishing
2022-12-02	medium	nimh.gov.vn/contents/themes/vientamthan/style.css?ver=3.0	Phishing
2022-12-02	medium	nimh.gov.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-12-02	medium	nimh.gov.vn/contents/themes/flatsome/assets/css/flatsome.css?ver=3.12.2	Phishing
2022-12-02	medium	nimh.gov.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Phishing
2022-12-02	medium	nimh.gov.vn/contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1	Phishing
2022-12-02	medium	nimh.gov.vn/contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2	Phishing
2022-12-02	medium	nimh.gov.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2	Phishing
2022-12-02	medium	nimh.gov.vn/contents/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1	Phishing
2022-12-02	medium	nimh.gov.vn/contents/themes/flatsome/assets/css/icons/fl-icons.woff2	Phishing
2022-12-02	medium	nimh.gov.vn/contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed
2022-12-02	medium	nimh.gov.vn	Sinkholed

JavaScript (16)

	URL	Size	First Seen	Last Seen
	nimh.gov.vn/contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1	14 kB	2023-03-07	2024-04-20
Pretty URL nimh.gov.vn/contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:27 Last Seen2024-04-20 20:44:42 Times Seen1281 Hash daca149c46601376ce5db68f3658323c 21e17b71d1bcd6c62274d21ad8015a105a0385d2 927d5436967ebce8a52c4bdcd27cc056c910a72270f74990dfbd1d554840c12d Loading...

	nimh.gov.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL nimh.gov.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 01:56:03 Times Seen38055 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	nimh.gov.vn/	339 B	2023-03-07	2024-04-26
Pretty URL nimh.gov.vn/ IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 05:04:05 Times Seen2131 Hash 80eb606ae631d7760a47050a336e9c98 1895e077ab430f3e2c09d04f1a0e15f56354e524 59d41b81261f9b0e9cd5f2ea1cc02c32e9f3b548efc7a2534b98e47e517fda35 Loading...

	nimh.gov.vn/	3.5 kB	2023-03-08	2023-03-29
Pretty URL nimh.gov.vn/ IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:39 Last Seen2023-03-29 23:10:15 Times Seen3 Hash 19c13b3add2ad0a97cbd1643dd3e9a36 16d4a9d66eb62e7a0ca2fc817ced6dfa81feda3f a3db6d3cfc58244761c374d9f408ed82f14009e86c6123608063b0c7536a8f3b Loading...

	nimh.gov.vn/	2.1 kB	2023-03-08	2023-03-09
Pretty URL nimh.gov.vn/ IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:39 Last Seen2023-03-09 00:17:20 Times Seen1 Hash d1c7daede4f24f81cbd489faa20b7f1b 64c9ee904dec897276b621c7b21db7e209e3a86a b46d6de001d0f92fe4f042df347508d652fac0be5f56aa86e2c713e9dcaead26 Loading...

	nimh.gov.vn/	124 B	2023-03-08	2023-03-09
Pretty URL nimh.gov.vn/ IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:39 Last Seen2023-03-09 00:17:19 Times Seen1 Hash 78829e769265b6a2dbe32f59ed522aec 08f5ac0a33f21c7f15c1ee01e26c5089b38baa6b 21ad334175c2708f791ebcfd08b5d750eb12ec2e80e912887397757b5f9fa0e1 Loading...

	nimh.gov.vn/	11 kB	2023-03-08	2024-02-06
Pretty URL nimh.gov.vn/ IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:39 Last Seen2024-02-06 12:40:21 Times Seen7 Hash 502a6e1504694209cfe7b93582d498fa ea66b161f5112c51899c77a7939fc0ed9c43d627 e20f30a09a3ae9f559931d9bafeeeeecdfe933504087fe4024d476c975a43605 Loading...

	nimh.gov.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-26
Pretty URL nimh.gov.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:36 Times Seen31827 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	nimh.gov.vn/contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2	16 kB	2023-03-07	2024-04-26
Pretty URL nimh.gov.vn/contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 05:04:06 Times Seen1176 Hash 78f792b41dfe4097675e09e805529455 57cc1e04e0235d54bc197945b9d0f167d9454244 ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143 Loading...

	nimh.gov.vn/	712 B	2023-03-08	2023-03-09
Pretty URL nimh.gov.vn/ IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:39 Last Seen2023-03-09 00:17:20 Times Seen1 Hash 2d1c0bf6467d9214eebc8b11e4a687bb de40b1bc276de850e58d6e6c1eae65a55699e5ac b293466e98d518fbd3b4c217315b766bf5407bbc1c378d173a95df1c7fb9f2de Loading...

	nimh.gov.vn/contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2	173 kB	2023-03-07	2024-02-22
Pretty URL nimh.gov.vn/contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-02-22 06:01:57 Times Seen175 Hash 9a4ab7d5bff29765df08e6d38c437b97 bc612aac4cc65db4919281ba358999ca43f75510 fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392 Loading...

	nimh.gov.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-25
Pretty URL nimh.gov.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 21:53:57 Times Seen15501 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	nimh.gov.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-04-26
Pretty URL nimh.gov.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-26 10:42:38 Times Seen27437 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	nimh.gov.vn/	102 B	2023-03-07	2024-04-26
Pretty URL nimh.gov.vn/ IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 09:26:01 Times Seen6728 Hash 336b4b067dcb50351d5e2d7c92cf1631 9709109f27eaad0c5a1e50facc142f8f197a11b6 ef2f7f28db32250196ae2c8242611a7f7159c2a539dabd40b82071b1c07561c6 Loading...

	nimh.gov.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL nimh.gov.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 103.124.92.130 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 10:10:59 Times Seen68662 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

		Size	First Seen	Last Seen
	#1 Write - 20d5477b3c7ae3c574f9f3f151035fed	3.6 kB	2023-03-08	2024-02-06
Pretty Observations First Seen2023-03-08 14:32:39 Last Seen2024-02-06 12:40:21 Times Seen6 Hash 20d5477b3c7ae3c574f9f3f151035fed 26fce26e5a5b2024619aab993a960fbfe425f90f 188fc42388315bd6fa9388914c687c4e7fb54516fa171022995fc91124c0e6ec Loading...

HTTP Transactions (58)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4434
Expires: Fri, 02 Dec 2022 08:29:30 GMT
Date: Fri, 02 Dec 2022 07:15:36 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5075
Cache-Control: max-age=103211
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:15:36 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:55:47 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2174
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 07:15:36 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 06:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3445
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: V+zIgpfLcb/B8GJHVoft4en10a2CQX2pUnXaQbuYGPg9l99TGnsP/VRZQvqPsZNcyDgUzOjWULWrIyraeNO+fg==
x-amz-request-id: 9G2R535HQS60R1M1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 06:46:00 GMT
age: 1776
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:15:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 07:08:57 GMT
cache-control: public,max-age=3600
age: 399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5065
Cache-Control: max-age=98138
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:15:36 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:31:14 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.189.35.180

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.35.180:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8WiMC3DNUlOqazSGW77qcg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rVz/zgZTagTxU6bsLE8pnKt6ZI8=

fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

142.250.74.106

200 OK

519 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
519 B (519 bytes)
Hash
5be1a2626960b84069757e72929351f6
5b7dd08d654cca2b037e85731ed5135f0d2cc0be
0adb8ab3cfff2b21e30c6a13ab6fcb4d82f5ac6ac4dbaf24ab4608e6f0d76242

HTTP Headers

GET /css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 07:15:37 GMT
Date: Fri, 02 Dec 2022 07:15:37 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

nimh.gov.vn/

103.124.92.130

200 OK

14 kB

URL HTTP/1.1
nimh.gov.vn/
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
14 kB (14545 bytes)
Hash
04c1ca6c9ce413b3ddde4b93f89f5037
6d48c63f67fa08c0905e89c2e295b154277046ea
5c5f84cd3d5ebe3c21d9a64108fe9a6fc7f9c25c63faf7bfe093051f49476f76

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:33 GMT
Server: Apache/2
X-Powered-By: PHP/7.2.17
Link: <http://nimh.gov.vn/wp-json/>; rel="https://api.w.org/", <http://nimh.gov.vn/wp-json/wp/v2/pages/99>; rel="alternate"; type="application/json", <http://nimh.gov.vn/>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14545
Keep-Alive: timeout=2, max=100
Content-Type: text/html; charset=UTF-8

nimh.gov.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

103.124.92.130

200 OK

12 kB

URL HTTP/1.1
nimh.gov.vn/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:34 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Nov 2022 19:44:37 GMT
ETag: "172a9-5ed87960f5b70-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12518
Keep-Alive: timeout=2, max=100
Content-Type: text/css

nimh.gov.vn/contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12

103.124.92.130

200 OK

161 B

URL HTTP/1.1
nimh.gov.vn/contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (327)
Size
161 B (161 bytes)
Hash
b99e67fe7419c667a1d0236a1823a1f6
6e8bf1cbcac35ea75637be52099b2de73dba7c7d
38be94774abf0e8cfe78738ff13d9c6323f92fc4df3acbb6423a8d44f64a66b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 09:11:57 GMT
ETag: "148-5b9a1d036e8f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 161
Keep-Alive: timeout=2, max=100
Content-Type: text/css

nimh.gov.vn/contents/plugins/custom-wp-login//lib/css/min/yikes-custom-login-public.min.css?ver=1.2.2

103.124.92.130

200 OK

2.0 kB

URL HTTP/1.1
nimh.gov.vn/contents/plugins/custom-wp-login//lib/css/min/yikes-custom-login-public.min.css?ver=1.2.2
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (7754), with no line terminators
Size
2.0 kB (1993 bytes)
Hash
907c2312fb0243dc6a76c6af92fa6ed5
675c09c841da212aaf276dc7a421bb583c6ad8e8
7628ab3cec1959c8475bbabe16d088c929119db09651bb7d0399031906439d85

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/plugins/custom-wp-login//lib/css/min/yikes-custom-login-public.min.css?ver=1.2.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 26 Jan 2021 03:49:14 GMT
ETag: "1e4a-5b9c589ca2ed0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1993
Keep-Alive: timeout=2, max=100
Content-Type: text/css

nimh.gov.vn/contents/themes/vientamthan/style.css?ver=3.0

103.124.92.130

200 OK

213 B

URL HTTP/1.1
nimh.gov.vn/contents/themes/vientamthan/style.css?ver=3.0
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text
Size
213 B (213 bytes)
Hash
be6aabf2188a220567ed33335088472f
2b4da1280a371c5716b682070febb7cdd21907e0
98f6dcfd604032fb9304e52fdb067d56bc234ecc1ed3afd70c9ab32fc3212c96

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/themes/vientamthan/style.css?ver=3.0 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 09:19:37 GMT
ETag: "12c-5b9a1eba0f608-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 213
Keep-Alive: timeout=2, max=100
Content-Type: text/css

nimh.gov.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

103.124.92.130

200 OK

4.2 kB

URL HTTP/1.1
nimh.gov.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Sat, 23 Jan 2021 09:26:55 GMT
ETag: "2bd8-5b98de7e341d8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

nimh.gov.vn/contents/themes/flatsome/assets/css/flatsome.css?ver=3.12.2

103.124.92.130

200 OK

29 kB

URL HTTP/1.1
nimh.gov.vn/contents/themes/flatsome/assets/css/flatsome.css?ver=3.12.2
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28881 bytes)
Hash
4b6e6ff7be362ed6cabcb16fb426536a
f069a2ecad3a03e93af9345d1ede74617df58757
49a0b4f3ef9d56761e60c32b48381baf63c2db5eab93ace6db9eb56134125ee3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/themes/flatsome/assets/css/flatsome.css?ver=3.12.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 24 Jan 2021 09:11:59 GMT
ETag: "23a2b-5b9a1d054d130-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28881
Keep-Alive: timeout=2, max=100
Content-Type: text/css

nimh.gov.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

103.124.92.130

200 OK

2.5 kB

URL HTTP/1.1
nimh.gov.vn/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.5 kB (2457 bytes)
Hash
27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 24 May 2022 19:45:29 GMT
ETag: "194b-5dfc732ef0b30-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2457
Keep-Alive: timeout=2, max=100
Content-Type: application/javascript

nimh.gov.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

103.124.92.130

200 OK

6.5 kB

URL HTTP/1.1
nimh.gov.vn/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.5 kB (6532 bytes)
Hash
287748e15cc4a588d0df39da369d9035
b02e10a775f9d6ab54d448acffbc9253e2d9bfb9
742f6e950eecbeaf0c308f5d3877e48d6d57d48b7f8bd458d81875feb4b58654

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Wed, 02 Nov 2022 07:44:05 GMT
ETag: "459f-5ec780143f1f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6532
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

nimh.gov.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

103.124.92.130

200 OK

31 kB

URL HTTP/1.1
nimh.gov.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (65447)
Size
31 kB (30995 bytes)
Hash
1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Wed, 02 Nov 2022 07:44:05 GMT
ETag: "15e54-5ec780144a988-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30995
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

nimh.gov.vn/contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1

103.124.92.130

200 OK

4.0 kB

URL HTTP/1.1
nimh.gov.vn/contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (13485), with no line terminators
Size
4.0 kB (4004 bytes)
Hash
e5986e8389d6200fabba7f773c5fb069
1ea165e18c005bdc213d67c961bab0a8a767c640
2432c0c86ce1e08a1b2039669534d965c4ad9cdeafe5c32c03d4a588f2644d04

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/plugins/contact-form-7/includes/js/index.js?ver=5.4.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Fri, 25 Jun 2021 02:03:30 GMT
ETag: "34ad-5c58d8bd96c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4004
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:15:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 86129
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11443 bytes)
Hash
d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:55:34 GMT
age: 33604
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7732 bytes)
Hash
379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 33723
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 84747
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4840 bytes)
Hash
60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 34007
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 33942
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

nimh.gov.vn/contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2

103.124.92.130

200 OK

5.1 kB

URL HTTP/1.1
nimh.gov.vn/contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (12801)
Size
5.1 kB (5106 bytes)
Hash
c6f36881e478d749d49956a0ac121d1e
515be595d70805e7f9a3099c75fa40e9c9edc131
5ced2bca148339c2dfd7efb910eca401b02734bada4b12060cd129b2b1afa034

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:16:34 GMT
ETag: "3e04-5b9a1e0b6a260-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5106
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

nimh.gov.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2

103.124.92.130

200 OK

706 B

URL HTTP/1.1
nimh.gov.vn/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (1464)
Size
706 B (706 bytes)
Hash
e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Tue, 24 May 2022 19:45:29 GMT
ETag: "5db-5dfc732f10700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 706
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

nimh.gov.vn/wp-includes/css/classic-themes.min.css?ver=1

103.124.92.130

200 OK

189 B

URL HTTP/1.1
nimh.gov.vn/wp-includes/css/classic-themes.min.css?ver=1
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Wed, 02 Nov 2022 07:44:04 GMT
ETag: "d9-5ec78014374f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css

nimh.gov.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

103.124.92.130

200 OK

5.0 kB

URL HTTP/1.1
nimh.gov.vn/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Tue, 24 May 2022 19:45:29 GMT
ETag: "48b9-5dfc732f14198-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5009
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript

nimh.gov.vn/contents/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1

103.124.92.130

200 OK

932 B

URL HTTP/1.1
nimh.gov.vn/contents/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text
Size
932 B (932 bytes)
Hash
b1eb322499f2dbc18499a9a46edd88fd
47213d17cb0eb45bd12ede49ee77e6c384b3664a
e3ec4292fd6b24707fe8b93f5d423120dcbc25aa702e7d434749910f947e4060

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/plugins/contact-form-7/includes/css/styles.css?ver=5.4.1 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Fri, 25 Jun 2021 02:03:30 GMT
ETag: "a50-5c58d8bd94d40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 932
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2

142.250.74.163

200 OK

5.4 kB

URL HTTP/1.1
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5368, version 1.0\012- data
Size
5.4 kB (5368 bytes)
Hash
a48b0f049358d7503c497abb4dcbc4d6
d764e136ada1fba8ec4d99994b179d984d7983b8
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwaPGR_p.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 5368
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 19:38:08 GMT
Expires: Wed, 29 Nov 2023 19:38:08 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:56:40 GMT
Content-Type: font/woff2
Age: 214650

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2

142.250.74.163

200 OK

5.5 kB

URL HTTP/1.1
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5472, version 1.0\012- data
Size
5.5 kB (5472 bytes)
Hash
4bde07f991ba6af69a1e009fd7ce9d1a
ed53e9f8967142ea4aa2fd113f696799319d91b2
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjxAwXjeu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 5472
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 11:42:04 GMT
Expires: Wed, 29 Nov 2023 11:42:04 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:50:06 GMT
Content-Type: font/woff2
Age: 243214

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/1.1
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:20:54 GMT
Expires: Wed, 29 Nov 2023 18:20:54 GMT
Cache-Control: public, max-age=31536000
Age: 219284
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.163

200 OK

23 kB

URL HTTP/1.1
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nimh.gov.vn
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:29:30 GMT
Expires: Wed, 29 Nov 2023 17:29:30 GMT
Cache-Control: public, max-age=31536000
Age: 222368
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2

nimh.gov.vn/contents/uploads/2021/01/logo-1.png

103.124.92.130

200 OK

24 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/logo-1.png
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
PNG image data, 110 x 110, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24371 bytes)
Hash
9643cc6b32e3c7dbbdf3a3e3bfc2e4d6
34933e31c8b2ba2e7be6aa257340c2d24d75cf35
6ac2a6b596d77b772ffb41176c155dd4a9413216c33d835e1d22fc41a34e636a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/logo-1.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Tue, 26 Jan 2021 03:50:51 GMT
ETag: "5f33-5b9c58f8a7140"
Accept-Ranges: bytes
Content-Length: 24371
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png

nimh.gov.vn/contents/themes/flatsome/assets/css/icons/fl-icons.woff2

103.124.92.130

200 OK

6.5 kB

URL HTTP/1.1
nimh.gov.vn/contents/themes/flatsome/assets/css/icons/fl-icons.woff2
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
Web Open Font Format (Version 2), TrueType, length 6536, version 1.0\012- data
Size
6.5 kB (6536 bytes)
Hash
21c4c69602dadee988f10c502b44d1c1
7d28ed1775492300f859296ef85ce371c26a6ff3
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nimh.gov.vn/contents/themes/flatsome/assets/css/fl-icons.css?ver=3.12

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:11:57 GMT
ETag: "1988-5b9a1d03988d0"
Accept-Ranges: bytes
Content-Length: 6536
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive

nimh.gov.vn/contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2

103.124.92.130

200 OK

50 kB

URL HTTP/1.1
nimh.gov.vn/contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
ASCII text, with very long lines (19155)
Size
50 kB (50298 bytes)
Hash
42d395efd612e1328204cf52c8a88790
e6802e1a3432a9dce711c686fd74df0dc8a6ba31
0e6794e09c6ef8a68520d0855ad68fa05d88d77652c7a8df512a73d23bb97f49

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /contents/themes/flatsome/assets/js/flatsome.js?ver=3.12.2 HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:35 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:12:10 GMT
ETag: "2a4c3-5b9a1d0fadd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 50298
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript

nimh.gov.vn/contents/uploads/2021/01/OIP-3.jpg

103.124.92.130

200 OK

18 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/OIP-3.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x315, components 3\012- data
Size
18 kB (17547 bytes)
Hash
d4407b0634d945cb84cd924b2d6f0096
ff4949904563baa7d956437761e43381e0f6d2dc
3c0126ce596fa5166ff41dfcae55957267df54ae78a2cb1bb4cf70e9b9d1a237

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/OIP-3.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:15 GMT
ETag: "448b-5b9a1f176bc48"
Accept-Ranges: bytes
Content-Length: 17547
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/download.jpg

103.124.92.130

200 OK

55 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/download.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 690x447, components 3\012- data
Size
55 kB (54819 bytes)
Hash
2ff2607cd18ae8416a5af3bef5ff8dc1
95c78aede81f1227ec45370a03e59fdf33128104
486ccda157b2cd55ff0b16c3dd1c822d8795dc26519c6efccbd05f6db1fd9d49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/download.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:35 GMT
ETag: "d623-5b9a1ef129558"
Accept-Ranges: bytes
Content-Length: 54819
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1-1.jpg

103.124.92.130

200 OK

53 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1-1.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 474x315, components 3\012- data
Size
53 kB (52825 bytes)
Hash
b4abf6f45c7dd12851765cf409c3089c
d0dd02c6d52d4f43d21d9eb26b7c96f106ab8eec
3e17f880cbf4ddb65dc677fb3a6b102bfc72c64c9b125ce2197c9334c2d104d5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:23 GMT
ETag: "ce59-5b9a1f1e99e70"
Accept-Ranges: bytes
Content-Length: 52825
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/benh_vien_bach_mai.jpg

103.124.92.130

200 OK

117 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/benh_vien_bach_mai.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 690x447, components 3\012- data
Size
117 kB (117124 bytes)
Hash
47afae1f2b8fb2c565064274d694c4ea
41a70120f54cd2abdbde1646ff403f74356c719a
5c03f74e98a5e180e52ae24bc0f7515886e68171f5f509c055d09ccd626f22d2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/benh_vien_bach_mai.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:03 GMT
ETag: "1c984-5b9a1ed2966e0"
Accept-Ranges: bytes
Content-Length: 117124
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/OIP-4-1.jpg

103.124.92.130

200 OK

45 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/OIP-4-1.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, orientation=upper-left], baseline, precision 8, 474x315, components 3\012- data
Size
45 kB (45338 bytes)
Hash
f0d15e26592b2973b631e0509c50c39b
495ea8813034d34a6f69ebe2227c1da33f4591d5
6f78a9b15825defd7d4b95075d931828ada778aa8e5608421894e2d05b5d1c47

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/OIP-4-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:16 GMT
ETag: "b11a-5b9a1f17e9800"
Accept-Ranges: bytes
Content-Length: 45338
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1.jpg

103.124.92.130

200 OK

21 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, baseline, precision 8, 660x330, components 3\012- data
Size
21 kB (21239 bytes)
Hash
d5177cff568f5a901e8d3bfe1471e3bf
043e92249e3c3f755a576a523165a694b1db3a0c
5a3896e8c4fdb69dbc485281182d28172375030954dffeaa4aaf216804cc2732

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/sarcoma-xuong-u-xuong-ac-tinh-o-tre-em-va-thanh-thieu-nien-phuong-phap-dieu-tri-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:23 GMT
ETag: "52f7-5b9a1f1f04978"
Accept-Ranges: bytes
Content-Length: 21239
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/so-do-to-chuc-khoa-kham-benh-benh-vien-bach-mai-1006.jpg

103.124.92.130

200 OK

192 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/so-do-to-chuc-khoa-kham-benh-benh-vien-bach-mai-1006.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 690x447, components 3\012- data
Size
192 kB (191679 bytes)
Hash
1aa1a1207fedc2812893d8718ef3280e
71f50eafa13748fd1499d3f0f2f532826b6ab601
e541ffee748d0e7acf3e4352a230ecfdc51389a25ecd67f8d429d69079552a23

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/so-do-to-chuc-khoa-kham-benh-benh-vien-bach-mai-1006.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:24 GMT
ETag: "2ecbf-5b9a1f1fbda68"
Accept-Ranges: bytes
Content-Length: 191679
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/OIP-4.jpg

103.124.92.130

200 OK

19 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/OIP-4.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x320, components 3\012- data
Size
19 kB (19294 bytes)
Hash
01608d4a39a3c4eee96021f6cd8c5d03
124b8ffe5f9ee7f8d469627a9b9d71c9e90f67ff
f1003204ec356f5c5ad1ed41d7624770fd5f0b64f007b981801e822dfb3eb67d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/OIP-4.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:16 GMT
ETag: "4b5e-5b9a1f18304d0"
Accept-Ranges: bytes
Content-Length: 19294
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/OIP-1.jpg

103.124.92.130

200 OK

13 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/OIP-1.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 474x316, components 3\012- data
Size
13 kB (12932 bytes)
Hash
fe02d5f384469a781b31eed2a7419342
7509f6a05cf4c6fd8565a70c3bf39b11e2e6d590
d0aca7e060b722f9dda6b0844c1bd4bbddfcba80e7f6123667ce858d5e8dd0fc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/OIP-1.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:13 GMT
ETag: "3284-5b9a1f155f1c0"
Accept-Ranges: bytes
Content-Length: 12932
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/IMG-7577_1-1079x800.jpg

103.124.92.130

200 OK

179 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/IMG-7577_1-1079x800.jpg
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=Apple, model=iPhone 7 Plus, xresolution=130, yresolution=138, resolutionunit=2, software=Adobe Photoshop Camera Raw 7.0 (Windows), datetime=2019:06:17 21:16:48], baseline, precision 8, 1079x800, components 3\012- data
Size
179 kB (179391 bytes)
Hash
f22da4daca3702a7e0eda42c73dabf98
8baea847111e572abafb2bb0a8725cb61fe09708
6db67a66d165d0192dcaf42c5436175b25b0b9ea50c1201869feb2e117fef22d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/IMG-7577_1-1079x800.jpg HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:36 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:46 GMT
ETag: "2bcbf-5b9a1efb99f10"
Accept-Ranges: bytes
Content-Length: 179391
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

nimh.gov.vn/contents/uploads/2021/01/phong-chuc-nang-la-gi.png

103.124.92.130

200 OK

125 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/phong-chuc-nang-la-gi.png
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
PNG image data, 690 x 447, 8-bit/color RGBA, non-interlaced\012- data
Size
125 kB (124819 bytes)
Hash
060792b360ea84ca6110f5be3390c44b
5e495b86d152a549dbb42ef89e0ad1e34d1585d5
60bcb873dadc3363b597d1612bf8b6dc2cc0375b8fd112beb940aa9ee806c3a4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/phong-chuc-nang-la-gi.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:37 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:21:19 GMT
ETag: "1e793-5b9a1f1b12950"
Accept-Ranges: bytes
Content-Length: 124819
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/png

nimh.gov.vn/contents/uploads/2021/01/cropped-logo-32x32.png

103.124.92.130

200 OK

2.9 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/cropped-logo-32x32.png
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2949 bytes)
Hash
3f43f1189fe5e0d7d8ce3c38d06f0959
3e75d37a74374c176eacb84b743942e0d94c83a4
89286d8cc4ecab30c4eca6efc9b4fc1a56e359c4e6bdc134a995c240b36d19b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/cropped-logo-32x32.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:37 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:04 GMT
ETag: "b85-5b9a1ed3e4a88"
Accept-Ranges: bytes
Content-Length: 2949
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/png

nimh.gov.vn/contents/uploads/2021/01/cropped-logo-192x192.png

103.124.92.130

200 OK

61 kB

URL HTTP/1.1
nimh.gov.vn/contents/uploads/2021/01/cropped-logo-192x192.png
IP
103.124.92.130:0
ASN
#131353 NhanHoa Software company

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
61 kB (60857 bytes)
Hash
9cdf743d5cf4396524eab876cb376160
7d4ec850705aeb57b3adb0269421733c8ab496fc
89c531376b54bfe0051796e69ccdf0aa35093ecff13f33793750ecc4796bfb88

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /contents/uploads/2021/01/cropped-logo-192x192.png HTTP/1.1
Host: nimh.gov.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nimh.gov.vn/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:15:37 GMT
Server: Apache/2
Last-Modified: Sun, 24 Jan 2021 09:20:04 GMT
ETag: "edb9-5b9a1ed389980"
Accept-Ranges: bytes
Content-Length: 60857
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/png

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3711 bytes)
Hash
89e1a735e16f55c78fa75ae434294029
6c56f4015305eff04a99cec9758cd40bf4e5f704
26e8b042c0bbef2c7f93f77451563cf6e12af282251ef864652574be2b2c5b15

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F092f8542-1ed2-47c2-82aa-d5ef970a77ca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: 68772438-16c4-40ab-a40e-860425d8301c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGyhHVsIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e76-21d27db6708228002e738938;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JOCSKxy4WUDbS22Gd9BlyN1gmcDsDNlNWnT57KITGlNwfOe_Iaco9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:59 GMT
age: 34006
etag: "6c56f4015305eff04a99cec9758cd40bf4e5f704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations