112.78.1.150 200 OK 14 kB URL User Request GET HTTP/2
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (508)
Hash 4eb3e76da27380480f15ba3d89b938a7
dc8fc0f53462b48c1ced25512e7ccca5f8b7414d
436d8dac380f369e66847aaa3d8eb056669e56458fb030173bf35c6c2a84ad2c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:32 GMT
content-type: text/html; charset=UTF-8
content-length: 14020
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
content-encoding: gzip
vary: Accept-Encoding
set-cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2; path=/; secure; httponly
last-modified: Mon, 29 May 2023 01:17:32 GMT
X-Firefox-Spdy: h2
timhieuluat.com/js/jquery/jquery-1.11.0.min.js
112.78.1.150 200 OK 96 kB URL GET HTTP/2 timhieuluat.com/js/jquery/jquery-1.11.0.min.js
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type ASCII text, with very long lines (32341)
Hash 8fc25e27d42774aeae6edbc0a18b72aa
b66ed708717bf0b4a005a4d0113af8843ef3b8ff
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery/jquery-1.11.0.min.js HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:32 GMT
content-type: application/javascript
content-length: 96381
last-modified: Sat, 28 Nov 2015 12:56:37 GMT
etag: "5659a485-1787d"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/js/dark/taigachat.js?1448728719&_v=34448367
112.78.1.150 200 OK 25 kB URL GET HTTP/2 timhieuluat.com/js/dark/taigachat.js?1448728719&_v=34448367
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type ASCII text, with CRLF line terminators
Hash da6891ea6fa96574fddbdb1d29c2c0e6
a64922b8042e310053e0de0e2091da9e439a2977
e86ed6c30444a24b0a27d2a5567714fca54c288f2555a82d4d47e7e4515a4d3f
GET /js/dark/taigachat.js?1448728719&_v=34448367 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:32 GMT
content-type: application/javascript
content-length: 25373
last-modified: Sat, 28 Nov 2015 16:38:39 GMT
etag: "5659d88f-631d"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/js/brivium/ModernStatistic/ModernStatistic.js?_v=34448367
112.78.1.150 200 OK 11 kB URL GET HTTP/2 timhieuluat.com/js/brivium/ModernStatistic/ModernStatistic.js?_v=34448367
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (543), with CRLF line terminators
Hash 8d8f2ebe442478b44e397d5060b5b31c
ac877efc7e39c6b03e4b7d9d444ba51120703829
4ee73ad14dbfdf2093a45d999816bdd96a9467546cedeb6916aa4218b78de603
Analyzer Verdict Alert fortinet Phishing
GET /js/brivium/ModernStatistic/ModernStatistic.js?_v=34448367 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:32 GMT
content-type: application/javascript
content-length: 11014
last-modified: Sat, 28 Nov 2015 16:23:46 GMT
etag: "5659d512-2b06"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/js/brivium/ModernStatistic/cookie.js?_v=34448367
112.78.1.150 200 OK 529 B URL GET HTTP/2 timhieuluat.com/js/brivium/ModernStatistic/cookie.js?_v=34448367
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type ASCII text, with very long lines (505), with CRLF line terminators
Hash ab245f78d8e90a9dd16f7da696843f33
2e627a99ae3d6a7c51d81101d4c119456921ceca
de0e17841102fc5706d4b4d8f9c9571874ede8f6870136874f80d51d7f0845e2
Analyzer Verdict Alert fortinet Phishing
GET /js/brivium/ModernStatistic/cookie.js?_v=34448367 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:32 GMT
content-type: application/javascript
content-length: 529
x-accel-version: 0.01
last-modified: Sat, 28 Nov 2015 16:23:45 GMT
etag: "389-5259c3b62a640-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
timhieuluat.com/css.php?css=BRMS_ModernStatistic,BRMS_ModernStatistic_dark,EWRporta2_Global,bb_code,dark_taigachat,facebook,google,login_bar,node_category,node_forum,node_list,sidebar_share_page,sonnb_xengallery_navbar_template,wf_default&style=3&dir=LTR&d=1678240284
112.78.1.150 200 OK 14 kB URL GET HTTP/2 timhieuluat.com/css.php?css=BRMS_ModernStatistic,BRMS_ModernStatistic_dark,EWRporta2_Global,bb_code,dark_taigachat,facebook,google,login_bar,node_category,node_forum,node_list,sidebar_share_page,sonnb_xengallery_navbar_template,wf_default&style=3&dir=LTR&d=1678240284
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
Hash fb36cab0ca5852ca1315043f40e58105
bc5a16d689932f74da9eabff7aacbd25c9506004
3c78ce5e1c6bea6304f2e4c0ba90e029c11e5730511e4917768f753d8560cb96
GET /css.php?css=BRMS_ModernStatistic,BRMS_ModernStatistic_dark,EWRporta2_Global,bb_code,dark_taigachat,facebook,google,login_bar,node_category,node_forum,node_list,sidebar_share_page,sonnb_xengallery_navbar_template,wf_default&style=3&dir=LTR&d=1678240284 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:32 GMT
content-type: text/css; charset=utf-8
content-length: 13504
x-powered-by: PHP/5.6.40
expires: Wed, 01 Jan 2020 00:00:00 GMT
cache-control: public
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 08 Mar 2023 01:51:24 GMT
X-Firefox-Spdy: h2
timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
112.78.1.150 200 OK 30 kB URL GET HTTP/2 timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type ASCII text, with very long lines (1083)
Hash 165680f078c74276d1a2a000b248c799
fa7f4f0360eec171b2c4277cdb330c7b7c27c7cf
726533a043657e0ca93be09f43cb52d98d087352a4b208a6890d1a8c2204bc6b
GET /css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:33 GMT
content-type: text/css; charset=utf-8
content-length: 29862
x-powered-by: PHP/5.6.40
expires: Wed, 01 Jan 2020 00:00:00 GMT
cache-control: public
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 08 Mar 2023 01:51:24 GMT
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/social-02.png
112.78.1.150 200 OK 2.3 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/social-02.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 35 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 668eab2bb13f90ddcb3a4c7af69e7cf3
bc1f651edc5047729caf7f41cb73a9641421e421
24d941af3bfb08506f9bee181ad085d69c156250402ff3c5b6c39827bb1648bd
GET /styles/brivium/Nitrogen/extra/social-02.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:33 GMT
content-type: image/png
content-length: 2347
last-modified: Sat, 28 Nov 2015 15:20:16 GMT
etag: "5659c630-92b"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/social-01.png
112.78.1.150 200 OK 1.6 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/social-01.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 35 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash c717558597115eb8a9d83904f5542f58
c9b1255559df58c8af8e19664169c526fbb2b8f6
8a3d86c8e74c1f91b3f24becd9e72004c546d12e51c5f8ea83d6b772d8493d4e
GET /styles/brivium/Nitrogen/extra/social-01.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:33 GMT
content-type: image/png
content-length: 1573
last-modified: Sat, 28 Nov 2015 15:20:16 GMT
etag: "5659c630-625"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/social-03.png
112.78.1.150 200 OK 2.1 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/social-03.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 35 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 721b71dd325a3509e60cef06691395c9
fa7c430115b50ff1ce7f764fd4ece7fd4f472091
51aabe7c9d92f878010440e4ba8a734d664f615f578a248aae66553a7c9b53b1
GET /styles/brivium/Nitrogen/extra/social-03.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:33 GMT
content-type: image/png
content-length: 2134
last-modified: Sat, 28 Nov 2015 15:20:16 GMT
etag: "5659c630-856"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/social-04.png
112.78.1.150 200 OK 1.7 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/social-04.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 35 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5823584ddf4cc9d1dd4aef261d2706db
571983dc1130162257d9da6c7068cdb2ef17c43b
ca85bd455ccacc2a9e44245304c108d2707005d1efaed16e2619e5bf3d2c0d4d
GET /styles/brivium/Nitrogen/extra/social-04.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:33 GMT
content-type: image/png
content-length: 1719
last-modified: Sat, 28 Nov 2015 15:20:16 GMT
etag: "5659c630-6b7"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/social-10.png
112.78.1.150 200 OK 1.7 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/social-10.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 35 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash b16e30b5dab603103a1accb50007556e
1bf5cde57ce32dbd05263de71d9f802ff3fdfe17
3c50b52c7c1c4a61127709bcc3f37a98266824d529be5fee04a61b6ac464825f
GET /styles/brivium/Nitrogen/extra/social-10.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:33 GMT
content-type: image/png
content-length: 1726
last-modified: Sat, 28 Nov 2015 15:20:17 GMT
etag: "5659c631-6be"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/social-12.png
112.78.1.150 200 OK 1.7 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/social-12.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 35 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 001b5baf2595ac7090ccf6ee483514f0
0bef0b7b25842ead621d7893f76906ab893529e7
f17bc07aa8a8cc324c9282530c50d90b1c725482839ad0a105ac2a0930cc3c3f
GET /styles/brivium/Nitrogen/extra/social-12.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:33 GMT
content-type: image/png
content-length: 1662
last-modified: Sat, 28 Nov 2015 15:20:17 GMT
etag: "5659c631-67e"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/js/xenforo/xenforo.js?_v=34448367
112.78.1.150 200 OK 167 kB URL GET HTTP/2 timhieuluat.com/js/xenforo/xenforo.js?_v=34448367
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type Unicode text, UTF-8 text, with very long lines (7085)
Size 167 kB (166795 bytes)
Hash 1d9c6131a4df80b06c141405dbe01b17
12c19cc5dbbadce9b70e7ba02e1df7a9289db78a
4991574cd4578589a70f50a4e14ef722345850be2cc5650cf53780c2463e6e0e
Analyzer Verdict Alert fortinet Phishing
GET /js/xenforo/xenforo.js?_v=34448367 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:32 GMT
content-type: application/javascript
content-length: 166795
last-modified: Sat, 28 Nov 2015 12:57:06 GMT
etag: "5659a4a2-28b8b"
accept-ranges: bytes
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
104.18.11.207 200 OK 84 kB URL GET HTTP/3 netdna.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
IP 104.18.11.207:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
GET /font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://timhieuluat.com
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 01:17:34 GMT
content-type: font/woff
content-length: 83760
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "fdf491ce5ff5b2da02708cd0e9864719"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 08/25/2022 04:48:59
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ccf1da6689457f2424859c6778aaced9
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ceae5ffaee21bfa-OSL
alt-svc: h3=":443"; ma=86400
timhieuluat.com/styles/brivium/Nitrogen/xenforo/xenforo-ui-sprite.png
112.78.1.150 200 OK 9.0 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/xenforo/xenforo-ui-sprite.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 200 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash af662869b1346f7e3fc7c35d3a1b8455
d813b4e4802b3d0ecf8eed59caf682330b372f5b
8a5c34ea273c331d20d3b8ee057a25cff36cff63991aef781d11d7b2af2af51f
GET /styles/brivium/Nitrogen/xenforo/xenforo-ui-sprite.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 9045
last-modified: Sat, 28 Nov 2015 15:20:49 GMT
etag: "5659c651-2355"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/ModernStatistic/light-sprite.png
112.78.1.150 200 OK 1.4 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/ModernStatistic/light-sprite.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 35 x 236, 8-bit/color RGBA, non-interlaced\012- data
Hash dcb8876f08dfd9cdc17bf5613f6e112f
ed97b27f065606dc6b06439fda67a090d120cda6
001028dfdc4ac283439f5da08e8599b60f2862a0b4a208a4f0f342bbe2b8f4d1
GET /styles/brivium/ModernStatistic/light-sprite.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=BRMS_ModernStatistic,BRMS_ModernStatistic_dark,EWRporta2_Global,bb_code,dark_taigachat,facebook,google,login_bar,node_category,node_forum,node_list,sidebar_share_page,sonnb_xengallery_navbar_template,wf_default&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 1381
last-modified: Sat, 28 Nov 2015 16:23:52 GMT
etag: "5659d518-565"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/icon-sodium.png
112.78.1.150 200 OK 1.8 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/icon-sodium.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 150 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 510bbe236ea8b3b4585cf1a4a824cf69
e87bd5312f3f09999793eff35bc60181aca39c52
96dad12d3c220e3bf6c10e40d8ba442417b6552b8af579cad2052c98c98120f3
GET /styles/brivium/Nitrogen/extra/icon-sodium.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 1769
last-modified: Sat, 28 Nov 2015 15:20:16 GMT
etag: "5659c630-6e9"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/xenforo/node-sprite.png
112.78.1.150 200 OK 2.2 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/xenforo/node-sprite.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 144 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 3457102126f1d4a0df093471816c6107
ce0ec6b0ba6f131671a0937852e56ed30f4a1aa2
da6d8a1b736c09f2f7d3dd4ca1b75b5ed8aaef734d87f8e9fc558cef410a50c9
GET /styles/brivium/Nitrogen/xenforo/node-sprite.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=BRMS_ModernStatistic,BRMS_ModernStatistic_dark,EWRporta2_Global,bb_code,dark_taigachat,facebook,google,login_bar,node_category,node_forum,node_list,sidebar_share_page,sonnb_xengallery_navbar_template,wf_default&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 2214
last-modified: Sat, 28 Nov 2015 15:20:32 GMT
etag: "5659c640-8a6"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/xenforo/gradients/form-button-white-25px.png
112.78.1.150 200 OK 192 B URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/xenforo/gradients/form-button-white-25px.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a8c1f7af768595e15a3736775bbb0df
29ad4d007b1cfeebcf115e7a55b4835201890ed6
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac
GET /styles/brivium/Nitrogen/xenforo/gradients/form-button-white-25px.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 192
x-accel-version: 0.01
last-modified: Sat, 28 Nov 2015 15:20:28 GMT
etag: "c0-5259b59110700"
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,400,600&subset=latin,vietnamese,cyrillic-ext,greek-ext,cyrillic,latin-ext,greek
142.250.74.74 200 OK 98 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,400,600&subset=latin,vietnamese,cyrillic-ext,greek-ext,cyrillic,latin-ext,greek
IP 142.250.74.74:443
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash ee7b15f93d6645d2c78812c924bdc54e
eeb602aed3a503ad4bf1090fd702dcefd101504b
7835bdfd0532b714829bebd65429cbeec2b860343f5eaf7d74fb9437d506a622
GET /css?family=Open+Sans:400italic,600italic,400,600&subset=latin,vietnamese,cyrillic-ext,greek-ext,cyrillic,latin-ext,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 29 May 2023 01:17:32 GMT
date: Mon, 29 May 2023 01:17:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/icon-search.png
112.78.1.150 200 OK 1.1 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/icon-search.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash ad39db5e8c41aa88dce16cecbb32d99e
a7b7408a551c5e8928a7a8f24c2a117d6e3ff743
dc0e16665dd67e342e7f4c79cbba4c0e08721280892565d626b735834d5926e2
GET /styles/brivium/Nitrogen/extra/icon-search.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 1101
last-modified: Sat, 28 Nov 2015 15:20:15 GMT
etag: "5659c62f-44d"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/arrow-02.png
112.78.1.150 200 OK 951 B URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/arrow-02.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 9 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a23acdc59fe1c73dfdad466835f3b4a
d2cb6f02e2e6ef645013df497afd9ea056a04790
9f6b72522ce787dd1ab2d9eb6874339c13f220cbff980bfac97bdaca5029ac40
GET /styles/brivium/Nitrogen/extra/arrow-02.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 951
x-accel-version: 0.01
last-modified: Sat, 28 Nov 2015 15:20:13 GMT
etag: "3b7-5259b582c2540"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/extra/bg-navtab.png
112.78.1.150 200 OK 945 B URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/extra/bg-navtab.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 1 x 150, 8-bit/color RGB, non-interlaced\012- data
Hash d845678f3ef97fe8eaaa8b8e59cca3bd
ae42e15cff442d74a0640904b1aae961ad4ae43f
cc7dba0a115cdcceb3b1b07fb4d579369095daa4715416eb115e9deecf592388
GET /styles/brivium/Nitrogen/extra/bg-navtab.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 945
x-accel-version: 0.01
last-modified: Sat, 28 Nov 2015 15:20:14 GMT
etag: "3b1-5259b583b6780"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/xenforo/widgets/ajaxload.info_FFFFFF_facebook.gif
112.78.1.150 200 OK 723 B URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/xenforo/widgets/ajaxload.info_FFFFFF_facebook.gif
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type GIF image data, version 89a, 16 x 11\012- data
Hash 87a916737734e3968f40cb37bb6a5147
c634cbccb116523fbc6df3654586deebfacf56d8
5a8f886ffb6afed6497f36d8940ab950086a2eb72fe82266f8ac96acc43a8de2
GET /styles/brivium/Nitrogen/xenforo/widgets/ajaxload.info_FFFFFF_facebook.gif HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/gif
content-length: 723
x-accel-version: 0.01
last-modified: Sat, 28 Nov 2015 15:20:45 GMT
etag: "2d3-5259b5a146d40"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/ModernStatistic/loader7.gif
112.78.1.150 200 OK 11 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/ModernStatistic/loader7.gif
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type GIF image data, version 89a, 220 x 19\012- data
Hash 57ca1a2085d82f0574e3ef740b9a5ead
2974f4bf37231205a256f2648189a461e74869c0
476a7b1085cc64de1c0eb74a6776fa8385d57eb18774f199df83fc4d7bbcc24e
GET /styles/brivium/ModernStatistic/loader7.gif HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=BRMS_ModernStatistic,BRMS_ModernStatistic_dark,EWRporta2_Global,bb_code,dark_taigachat,facebook,google,login_bar,node_category,node_forum,node_list,sidebar_share_page,sonnb_xengallery_navbar_template,wf_default&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/gif
content-length: 10819
last-modified: Sat, 28 Nov 2015 16:23:52 GMT
etag: "5659d518-2a43"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/data/taigachat/messagesmini.html?_xfRequestUri=%2F&_xfNoRedirect=1&_xfResponseType=json&_=1685323053466
112.78.1.150 200 OK 3.3 kB URL GET HTTP/2 timhieuluat.com/data/taigachat/messagesmini.html?_xfRequestUri=%2F&_xfNoRedirect=1&_xfResponseType=json&_=1685323053466
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type JSON data\012- HTML document, ASCII text, with very long lines (3276), with no line terminators
Hash 4034e238d7ff55b6411fee61cd2f2ef3
fd6bb0850c1e52ade29b644d7ecd1e1dfe47aa94
d2e9b25de99d5f65d47c7730e4f292b846a051fe2a94bb21a662dda8176c613e
GET /data/taigachat/messagesmini.html?_xfRequestUri=%2F&_xfNoRedirect=1&_xfResponseType=json&_=1685323053466 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Ajax-Referer: https://timhieuluat.com/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: text/html
content-length: 3276
last-modified: Sun, 28 May 2023 22:16:27 GMT
etag: "6473d2bb-ccc"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/brms-statistic/statistics.json
112.78.1.150 200 OK 71 B URL POST HTTP/2 timhieuluat.com/brms-statistic/statistics.json
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash b1780ea145d042e202c3d75788cb4a1d
ea4ca6b9ca70093966d587974813c1050ccb053d
b572f0f93b80f012c3e6fefc0ca8ffe823fa98c5c82bee892d678afb4727891a
Analyzer Verdict Alert fortinet Phishing
POST /brms-statistic/statistics.json HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Ajax-Referer: https://timhieuluat.com/
X-Requested-With: XMLHttpRequest
Content-Length: 103
Origin: https://timhieuluat.com
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: application/json; charset=UTF-8
content-length: 71
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
last-modified: Mon, 29 May 2023 01:17:34 GMT
X-Firefox-Spdy: h2
timhieuluat.com/styles/tag.png
112.78.1.150 200 OK 733 B URL GET HTTP/2 timhieuluat.com/styles/tag.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d6761cd8f61693fbdf7f36b8bd6c1988
1028e1323adbfdd5dc616b261e13eac3778e9f7a
54c7fcc0cae13d60baf6f319f5c4a2bf0b24efde88ec0242271b120cac31547c
GET /styles/tag.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=BRMS_ModernStatistic,BRMS_ModernStatistic_dark,EWRporta2_Global,bb_code,dark_taigachat,facebook,google,login_bar,node_category,node_forum,node_list,sidebar_share_page,sonnb_xengallery_navbar_template,wf_default&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 733
x-accel-version: 0.01
last-modified: Sat, 28 Nov 2015 16:38:39 GMT
etag: "2dd-5259c70ac01c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/xenforo/logo.og.png
112.78.1.150 200 OK 14 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/xenforo/logo.og.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 87 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash 66ef1a2da769cda6a09adb76be78b781
d1fe55541c297ba26516317fe9ed546f42247d86
360b516c760ecd5c7f1332a125ce4366c1ebafe57228b8d40a8f34e3c67f28fb
GET /styles/brivium/Nitrogen/xenforo/logo.og.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 13748
last-modified: Fri, 04 Dec 2015 07:03:28 GMT
etag: "56613ac0-35b4"
accept-ranges: bytes
X-Firefox-Spdy: h2
caulongdanang.com/styles/brivium/nitrogen/logo.png
112.78.1.150 404 Not Found 298 B URL GET HTTP/2 caulongdanang.com/styles/brivium/nitrogen/logo.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject caulongdanang.com
Fingerprint 37:3B:DA:EC:EC:9E:D9:83:1C:CA:A5:EA:13:60:CA:D0:99:00:7E:04
Validity Wed, 10 May 2023 08:35:19 GMT - Tue, 08 Aug 2023 08:35:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9e7ea202d790a929ee13d8cf8d435ed8
578a3c48aa2585f05d6ef46d2843722974c55b42
d7f55a6ebcbcce5999be9b5c1a75909ce99a44e5c044e95e7fad1734a0b9a7f0
GET /styles/brivium/nitrogen/logo.png HTTP/1.1
Host: caulongdanang.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Mon, 29 May 2023 01:17:35 GMT
content-type: text/html; charset=iso-8859-1
content-length: 298
X-Firefox-Spdy: h2
timhieuluat.com/data/taigachat/messagesmini.html?_xfRequestUri=%2F&_xfNoRedirect=1&_xfResponseType=json&_=1685323053467
112.78.1.150 200 OK 3.3 kB URL GET HTTP/2 timhieuluat.com/data/taigachat/messagesmini.html?_xfRequestUri=%2F&_xfNoRedirect=1&_xfResponseType=json&_=1685323053467
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type JSON data\012- HTML document, ASCII text, with very long lines (3276), with no line terminators
Hash 936f6558479f4e15d074ed22a6c8c2ca
e312025ca14a7e06131902713e3fa55ba99b531b
f95297509e2803dcf71398d7e4e7b24f5631e399c58e36667f0f799a381e957e
GET /data/taigachat/messagesmini.html?_xfRequestUri=%2F&_xfNoRedirect=1&_xfResponseType=json&_=1685323053467 HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Ajax-Referer: https://timhieuluat.com/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:44 GMT
content-type: text/html
content-length: 3276
last-modified: Mon, 29 May 2023 01:17:34 GMT
etag: "6473fd2e-ccc"
accept-ranges: bytes
X-Firefox-Spdy: h2
timhieuluat.com/deferred.php
112.78.1.150 200 OK 21 B URL POST HTTP/2 timhieuluat.com/deferred.php
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 7683c40a1c0bb44c43e60758a4d5c1e4
b9f30bb14491b7e64617b3cb0e3abede27fa9954
397ea43adddf909cb049d40e609cc084badb1c2da3135710a6a7a675cb361e54
Analyzer Verdict Alert fortinet Phishing
POST /deferred.php HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Ajax-Referer: https://timhieuluat.com/
X-Requested-With: XMLHttpRequest
Content-Length: 54
Origin: https://timhieuluat.com
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/5.6.40
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 29 May 2023 01:17:34 GMT
X-Firefox-Spdy: h2
timhieuluat.com/styles/brivium/Nitrogen/ver2.png
112.78.1.150 200 OK 97 kB URL GET HTTP/2 timhieuluat.com/styles/brivium/Nitrogen/ver2.png
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type PNG image data, 1200 x 112, 8-bit/color RGB, non-interlaced\012- data
Hash 222a754f2a5f8618ba4afe5547736020
45ac940482ccd98a87c696bad21de0cc2da4d516
ba822bceb76f72bc2fcf224ffd768e953da08f5a5161f61cb8e4b2879c91e52a
GET /styles/brivium/Nitrogen/ver2.png HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/css.php?css=xenforo,form,public&style=3&dir=LTR&d=1678240284
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:34 GMT
content-type: image/png
content-length: 96683
last-modified: Tue, 07 Mar 2023 01:41:42 GMT
etag: "64069656-179ab"
accept-ranges: bytes
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
104.18.11.207 200 OK 21 kB URL GET HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
IP 104.18.11.207:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (20604)
Hash bbfef9385083d307ad2692c0cf99f611
63a234ea4d60f6643a60a4d79e28f291b93c1743
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
GET /font-awesome/4.1.0/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 01:17:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 11/16/2021 10:00:11
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 0eb7160e8356338bb079cae66d61082c
cdn-cache: HIT
cf-cache-status: HIT
age: 28367050
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ceae5f88ddbb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
timhieuluat.com/deferred.php
112.78.1.150 200 OK 22 B URL POST HTTP/2 timhieuluat.com/deferred.php
IP 112.78.1.150:443
ASN #45538 ODS Joint Stock Company
Certificate Issuer Let's Encrypt
Subject timhieuluat.com
Fingerprint F0:1D:BB:63:15:B2:B2:56:6E:EE:B9:A3:A9:6B:89:11:48:53:98:2C
Validity Tue, 02 May 2023 07:34:05 GMT - Mon, 31 Jul 2023 07:34:04 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 5cfba5d5eaefc15c8d7923d5c83b70e7
207bbe6673b30b4c5da2a3c83f1c23cd3bda97fa
cce18387983122e53bef0e1a8830271959eed84ef8f15444f4cebb9d47a70c53
Analyzer Verdict Alert fortinet Phishing
POST /deferred.php HTTP/1.1
Host: timhieuluat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Ajax-Referer: https://timhieuluat.com/
X-Requested-With: XMLHttpRequest
Content-Length: 54
Origin: https://timhieuluat.com
DNT: 1
Connection: keep-alive
Referer: https://timhieuluat.com/
Cookie: xf_session=60b0bfeac8ff3664206a2f6ed2a003c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 01:17:35 GMT
content-type: application/json; charset=UTF-8
x-powered-by: PHP/5.6.40
expires: Tue, 03 Jul 2001 06:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 29 May 2023 01:17:35 GMT
X-Firefox-Spdy: h2