safety-for-you346168.io.vn/Account%20security_files/eknh9Re3ab9.css
103.18.6.220 200 OK 233 B URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/eknh9Re3ab9.css
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (460)
Hash fd5ed5f13506648f430c31c67dc7befe
aa60140c4563ee90db81b5144e8828e6180c1224
7cba0fed839d33a1180cc8f91a8fd112826eb0e2affad756951163c71e3b6064
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/eknh9Re3ab9.css HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: text/css
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 233
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/LBeK2AdVA10.css
103.18.6.220 200 OK 3.2 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/LBeK2AdVA10.css
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (2776)
Hash a2490e6eb98f6a518aea35ab51c511ba
149211d09a5194d6cc595a454117fca843120c6d
57410138a18d0cbaee57fba6123ff563c8d082a77cdf8ba0045c4a598207de05
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/LBeK2AdVA10.css HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: text/css
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3177
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/ogGTLy0m35N.css
103.18.6.220 200 OK 8.6 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/ogGTLy0m35N.css
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (7512)
Hash 7f752b911637353893740ee5a577a185
8d74b15ee6568e2bf0be22055a33218daab13cde
38ae0a204dbb9cc74f7e42bdd23465176da69106da36ca69a7f280ad0f20201e
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/ogGTLy0m35N.css HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: text/css
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8577
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/tMCGgMHbEWk.css
103.18.6.220 200 OK 3.9 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/tMCGgMHbEWk.css
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (1508)
Hash 03f8f0c4876e25a1dd2eeb1fe4068805
556c0ce10c26e127431269814ef9d327a6bb0377
cc390b94dfccaad4c284b9c948b78b4b8fa100a077a503163c0859f20571184c
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/tMCGgMHbEWk.css HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: text/css
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3945
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/
103.18.6.220 200 OK 31 kB URL User Request GET HTTP/2 safety-for-you346168.io.vn/
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (976), with CRLF line terminators
Hash d9b4e9ff7013d6a5ed6a506739f86627
6d0148018655be5ff4b00c064adae3dcfd9c48cc
15c4f022753f252864036d7edf12b1ab8f83b4f8a36d2c13a6e1cf7aa44d9390
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 15:15:34 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/translateelement.css
103.18.6.220 200 OK 3.4 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/translateelement.css
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (18670)
Hash 15ab5dfc566a9a19f6e89a72b7819e43
064aac1e8bc5a26c5986e40659bc328157ec3b53
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/translateelement.css HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: text/css
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3374
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/0gtnVJ5rfTK.css
103.18.6.220 200 OK 7.8 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/0gtnVJ5rfTK.css
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (6645)
Hash c7650ad9b8ff3690b7fe0c63ca1594ea
59e3cff3eb8f9138cd43ff7567b015fc18e40a1b
48b3fa97a45764e0c2e5c88239f701f739af54658d8499ab2d5ba9b044f79b0f
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/0gtnVJ5rfTK.css HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: text/css
last-modified: Wed, 08 Dec 2021 17:22:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7819
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/translate_24dp.png
103.18.6.220 200 OK 846 B URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/translate_24dp.png
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced; data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/translate_24dp.png HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: image/png
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 846
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/OqQDSI5NZpt.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 178 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/OqQDSI5NZpt.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (7157)
Size 178 kB (178302 bytes)
Hash eec888e08962f655062bca1915aa5c62
bd550068cb78f31108c3388b3cde370b95cf8ce4
7a5b838a28d1a7e73533aa2f2167c1de89487f16e9cd7e6a930710693ad05e6c
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/OqQDSI5NZpt.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 178302
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/meta.png
103.18.6.220 200 OK 91 kB URL GET HTTP/2 safety-for-you346168.io.vn/meta.png
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type PNG image data, 1200 x 675, 8-bit/color RGBA, non-interlaced; data
Hash 3074a773170a156a0c93bbcc24ebbd64
3027f886ede769dbc5ec6231234f60a3a7b0cc04
82c907b6b0d9342b59ea1cd6c280fabf330e7edf91a4ca18bf48cd80f61046b4
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /meta.png HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:35 GMT
content-type: image/png
last-modified: Tue, 11 Oct 2022 17:56:52 GMT
accept-ranges: bytes
content-length: 91138
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/lock.png
103.18.6.220 200 OK 3.7 kB URL GET HTTP/2 safety-for-you346168.io.vn/lock.png
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type PNG image data, 84 x 84, 8-bit/color RGBA, interlaced; data
Hash d67240dbeb03116a9971243b4d1b4da5
f336b45e60fdb6a5328e1efa87dde169fd7f7273
703fd6652f10d4c9d587e28c10855652fad663c5504d5341e93eec96274bfe61
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /lock.png HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:36 GMT
content-type: image/png
last-modified: Wed, 12 Apr 2023 18:54:52 GMT
accept-ranges: bytes
content-length: 3734
date: Fri, 08 Dec 2023 15:15:36 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/W0cYX1tntdY.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 39 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/W0cYX1tntdY.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type C source, ASCII text, with very long lines (10479)
Hash 68c7b423ddc685d3af03be29f055905b
456ee5e49f78d1fe5e0ad41993ed1ecf5691edd0
7c8e927e8a052d4b5c80bb750b951b1148766ab3cf330586d5368c2273ddaa3e
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/W0cYX1tntdY.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 39195
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/3s7j1GL9cZl.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 48 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/3s7j1GL9cZl.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (5535)
Hash b30e3d8bc1b224838a169529555207b6
fff7e8cbe378b03a16bda62fb6c6eb0ba3fa6526
4d8cccf3526c561bfe36bac0087da7600fec145917ccda36e31512015d9c73e4
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/3s7j1GL9cZl.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 48454
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/hHHTJ66daSh.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 21 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/hHHTJ66daSh.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (6352)
Hash 605066fe23cdda58bd51cd84f578f83a
f587b5ee7d9c8784ed1ada0482abbaea0b17a95c
bcaf71e36867ff12bf5af0340d114b33f7ed92ca14b3a8ed11ac583d21e46781
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/hHHTJ66daSh.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 21021
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/wQjEXDzhVd7.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 31 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/wQjEXDzhVd7.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (7872)
Hash e828936a4a6b9e78e35e727bcd0fb65a
8b40abdcbf73244a54c1262033f54cb5125cf5c0
21c2a8eb713429aa2b8375646d8900e8cdbbd00340a301fe449e0f1ae14262f8
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/wQjEXDzhVd7.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 30974
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/2jr_tFUjDMy.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 235 B URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/2jr_tFUjDMy.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
Hash 96d5a6840fa57b919c48251fefc5fea7
e816c4a3cbe2fefa22858b78b22c3b5706681016
8b4b9cdc2cb5f220150cb3bfea298c5b3d876fb876da674d8d5624867124cd3d
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/2jr_tFUjDMy.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 235
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/icons.png
103.18.6.220 200 OK 7.9 kB URL GET HTTP/2 safety-for-you346168.io.vn/icons.png
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type PNG image data, 171 x 86, 8-bit/color RGBA, non-interlaced; data
Hash e520c3db17869c260e8b1b785668c3db
f64bada4e69f4601706df12022e0b976967e4575
5c9598c52ea130472e3041027ac8cc35501bc199421462e1b528c0fc18ae59c3
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /icons.png HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 15 Dec 2023 15:15:36 GMT
content-type: image/png
last-modified: Wed, 08 Dec 2021 18:02:18 GMT
accept-ranges: bytes
content-length: 7901
date: Fri, 08 Dec 2023 15:15:36 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/cN-N4Eu_deZ.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 7.3 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/cN-N4Eu_deZ.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (7220)
Hash ff5680b0a0befeaf3954a1dc6adc5430
528077cfb7a85ea5b1faa4520c5307b490e80f22
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/cN-N4Eu_deZ.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 7286
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/M4WYEDn5b1N.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 7.8 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/M4WYEDn5b1N.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (5262)
Hash 0d46d14a15dda151eff79557cd07d90c
889643e17e234ad08d39293468b2c53c80a5abcc
178e758f778499842d6d610dcbf85540f893204853549ffe0cf0625e3d48999f
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/M4WYEDn5b1N.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 7817
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/xCNlQDi1ngo.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 31 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/xCNlQDi1ngo.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (3656)
Hash d9d12fd2b2d38632147100297754fc58
1bdafb63a86a8ffd840717535c645fceb3946d7f
08032e0d311d265c7b0d7b8ed45e26c6350179a691a8d33f029b66f928ee81d6
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/xCNlQDi1ngo.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 30918
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/UMjce8g8u4Z.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 34 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/UMjce8g8u4Z.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (18915)
Hash 6b820ccae0e90edc41c7af3f0cf2848f
814165bd828a66b65316d15a1b29a0db6c3eeff9
d6b20099af664a818b3ea84be24c5a6bc1d7783722865d055ed8f452ac46fbc7
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/UMjce8g8u4Z.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 34448
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/rP8p7Irlvdn.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 13 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/rP8p7Irlvdn.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (7784)
Hash 74c37db1fb674688b8a3c788f606cfc2
5f853171902310c50dd4e7c952472fa25a1669d6
ad71dbec91c3bf9fa25435f33eb961bc091a81c96cec0443f42356822f75a592
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/rP8p7Irlvdn.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 13294
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/0LOtvn7s0n2.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 46 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/0LOtvn7s0n2.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type C source, ASCII text, with very long lines (11864)
Hash af05df97232c6b823457f68430351446
1fe302de88eae0aaa9c80a550f6ff06fe14b9e57
bae18e47dcd78f9d1606679d9e117d719e0d95350cf416654ba9f38b906e5323
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/0LOtvn7s0n2.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 45623
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/8v0m3wwOBP2.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 71 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/8v0m3wwOBP2.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (11051)
Hash 1da8aac41c22699a8a70a6e7b247f369
1fab373c1b8d7113f30b97cb0a508c20c021be2d
0f0fe57e50692ac123af51a59e27ca1505d5879845695acaf252408f79e53238
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/8v0m3wwOBP2.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 71385
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/Gk3ISkHbjNq.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 3.4 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/Gk3ISkHbjNq.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (1166)
Hash 2fa86c75722cd217d260a0a9e66bd284
0e668adeafae34082b89f80be4d4fb968abbba4b
c017851895b88f5bd4f459d22d8f081b4dcebc187989831717e4ea616e0571e0
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/Gk3ISkHbjNq.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 3416
date: Fri, 08 Dec 2023 15:15:39 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/wQjEXDzhVd7.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 31 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/wQjEXDzhVd7.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (7872)
Hash e828936a4a6b9e78e35e727bcd0fb65a
8b40abdcbf73244a54c1262033f54cb5125cf5c0
21c2a8eb713429aa2b8375646d8900e8cdbbd00340a301fe449e0f1ae14262f8
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/wQjEXDzhVd7.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 30974
date: Fri, 08 Dec 2023 15:15:40 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/2jr_tFUjDMy.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 235 B URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/2jr_tFUjDMy.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
Hash 96d5a6840fa57b919c48251fefc5fea7
e816c4a3cbe2fefa22858b78b22c3b5706681016
8b4b9cdc2cb5f220150cb3bfea298c5b3d876fb876da674d8d5624867124cd3d
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/2jr_tFUjDMy.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 235
date: Fri, 08 Dec 2023 15:15:40 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/M4WYEDn5b1N.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 7.8 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/M4WYEDn5b1N.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (5262)
Hash 0d46d14a15dda151eff79557cd07d90c
889643e17e234ad08d39293468b2c53c80a5abcc
178e758f778499842d6d610dcbf85540f893204853549ffe0cf0625e3d48999f
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/M4WYEDn5b1N.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 7817
date: Fri, 08 Dec 2023 15:15:40 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/0LOtvn7s0n2.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 46 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/0LOtvn7s0n2.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type C source, ASCII text, with very long lines (11864)
Hash af05df97232c6b823457f68430351446
1fe302de88eae0aaa9c80a550f6ff06fe14b9e57
bae18e47dcd78f9d1606679d9e117d719e0d95350cf416654ba9f38b906e5323
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/0LOtvn7s0n2.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 45623
date: Fri, 08 Dec 2023 15:15:40 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/gxlhI1GBV6m.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 85 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/gxlhI1GBV6m.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (6747)
Hash ece429dbe9bc0a3a86cef1bc1452319f
a5c8ec9d82961fa125a88fe52f8acc203e545dc7
5efb3dab2de811f8512e622c02e6834aa0ce0085fbc7c66b2d5f9b83047907b9
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/gxlhI1GBV6m.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 84988
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35 200 OK 1.8 kB URL GET HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:443
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://safety-for-you346168.io.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:20:13 GMT
expires: Fri, 06 Dec 2024 05:20:13 GMT
cache-control: public, max-age=31536000
age: 122129
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yj/r/gB76kJXPYJV.png
31.13.72.12 200 OK 6.7 kB URL GET HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yj/r/gB76kJXPYJV.png
IP 31.13.72.12:443
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer DigiCert Inc
Subject *.facebook.com
Fingerprint A5:69:C5:FA:9E:FF:F0:82:16:47:66:28:2D:2D:6B:F1:D2:FA:C7:4A
Validity Sat, 16 Sep 2023 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type PNG image data, 196 x 196, 8-bit colormap, non-interlaced\012- data
Hash 389dfa18be34d8cf767e06fd5cde4ec6
47b751cffab47d076816c63ce08d3e84600376ee
3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
GET /rsrc.php/v3/yj/r/gB76kJXPYJV.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://safety-for-you346168.io.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OJ36GL402M92fgb9XN5Oxg==
expires: Sat, 07 Dec 2024 04:08:40 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints:
origin-agent-cluster: ?0
x-fb-debug: nXGUsATQ8M0rpAgEjrIRuajeV4H0QBBzxWBDYoWwGIVT8aR2jLltqteZSYL8n+Ww5+oyKeGJrRSk5w3U4jSL5Q==
content-length: 6690
date: Fri, 08 Dec 2023 15:15:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/hHHTJ66daSh.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 21 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/hHHTJ66daSh.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (6352)
Hash 605066fe23cdda58bd51cd84f578f83a
f587b5ee7d9c8784ed1ada0482abbaea0b17a95c
bcaf71e36867ff12bf5af0340d114b33f7ed92ca14b3a8ed11ac583d21e46781
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/hHHTJ66daSh.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 21021
date: Fri, 08 Dec 2023 15:15:39 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/OqQDSI5NZpt.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 178 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/OqQDSI5NZpt.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (7157)
Size 178 kB (178302 bytes)
Hash eec888e08962f655062bca1915aa5c62
bd550068cb78f31108c3388b3cde370b95cf8ce4
7a5b838a28d1a7e73533aa2f2167c1de89487f16e9cd7e6a930710693ad05e6c
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/OqQDSI5NZpt.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 178302
date: Fri, 08 Dec 2023 15:15:39 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/3s7j1GL9cZl.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 48 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/3s7j1GL9cZl.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (5535)
Hash b30e3d8bc1b224838a169529555207b6
fff7e8cbe378b03a16bda62fb6c6eb0ba3fa6526
4d8cccf3526c561bfe36bac0087da7600fec145917ccda36e31512015d9c73e4
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/3s7j1GL9cZl.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 48454
date: Fri, 08 Dec 2023 15:15:39 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/W0cYX1tntdY.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 39 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/W0cYX1tntdY.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type C source, ASCII text, with very long lines (10479)
Hash 68c7b423ddc685d3af03be29f055905b
456ee5e49f78d1fe5e0ad41993ed1ecf5691edd0
7c8e927e8a052d4b5c80bb750b951b1148766ab3cf330586d5368c2273ddaa3e
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/W0cYX1tntdY.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 39195
date: Fri, 08 Dec 2023 15:15:39 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=1&event=prelude_onload&client_event_time=1702048543.101&time_from_nav_start_ms=3362&jazoest=22060&previous_event=nav_started&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon
103.18.6.220 404 Not Found 1.2 kB URL POST HTTP/2 safety-for-you346168.io.vn/ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=1&event=prelude_onload&client_event_time=1702048543.101&time_from_nav_start_ms=3362&jazoest=22060&previous_event=nav_started&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=1&event=prelude_onload&client_event_time=1702048543.101&time_from_nav_start_ms=3362&jazoest=22060&previous_event=nav_started&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
Origin: https://safety-for-you346168.io.vn
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 08 Dec 2023 15:15:36 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=2&event=first_paint&client_event_time=1702048543.211&time_from_nav_start_ms=3472&jazoest=22060&previous_event=prelude_onload&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon
103.18.6.220 404 Not Found 1.2 kB URL POST HTTP/2 safety-for-you346168.io.vn/ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=2&event=first_paint&client_event_time=1702048543.211&time_from_nav_start_ms=3472&jazoest=22060&previous_event=prelude_onload&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=2&event=first_paint&client_event_time=1702048543.211&time_from_nav_start_ms=3472&jazoest=22060&previous_event=prelude_onload&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
Origin: https://safety-for-you346168.io.vn
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 08 Dec 2023 15:15:36 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=3&event=jewels_visible&client_event_time=1702048543.211&time_from_nav_start_ms=3472&jazoest=22060&previous_event=first_paint&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon
103.18.6.220 404 Not Found 1.2 kB URL POST HTTP/2 safety-for-you346168.io.vn/ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=3&event=jewels_visible&client_event_time=1702048543.211&time_from_nav_start_ms=3472&jazoest=22060&previous_event=first_paint&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /ajax/mtouch_perf_page_load_timings/?lid=7037750802906714093-0&seq_num=3&event=jewels_visible&client_event_time=1702048543.211&time_from_nav_start_ms=3472&jazoest=22060&previous_event=first_paint&log_to_scuba=false&fb_dtsg=AQEeSudqCxLiEhc%3A9%3A1637830325&num_cores=48&transmission_method=beacon HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
Origin: https://safety-for-you346168.io.vn
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 08 Dec 2023 15:15:36 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2
safety-for-you346168.io.vn/Account%20security_files/-7rtbzkhkiz.js.t%E1%BA%A3i%20xu%E1%BB%91ng
103.18.6.220 200 OK 586 kB URL GET HTTP/2 safety-for-you346168.io.vn/Account%20security_files/-7rtbzkhkiz.js.t%E1%BA%A3i%20xu%E1%BB%91ng
IP 103.18.6.220:443
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
Requested by https://safety-for-you346168.io.vn/
Certificate Issuer Let's Encrypt
Subject mail.implement-quick-protection69752.io.vn
Fingerprint B2:91:F9:23:EE:7A:47:9E:A4:8C:B2:94:96:86:AD:42:6A:9F:DE:68
Validity Wed, 15 Nov 2023 11:24:38 GMT - Tue, 13 Feb 2024 11:24:37 GMT
File type ASCII text, with very long lines (5318)
Size 586 kB (585682 bytes)
Hash 6d592bd6ab0e8354a7d8179ab3c38bc2
8499b82820aa8d997a8e7a65f254916cee668b8d
2569f09c86fd39ec4ddf0dc54dd22b8c5a078eca719f11f7bc9737803717ee3c
Analyzer Verdict Alert OpenPhish phishing Facebook, Inc.
Quad9 DNS malicious Sinkholed
GET /Account%20security_files/-7rtbzkhkiz.js.t%E1%BA%A3i%20xu%E1%BB%91ng HTTP/1.1
Host: safety-for-you346168.io.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://safety-for-you346168.io.vn/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=05815747e9c623f992ed114cde82a4ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Sun, 05 Dec 2021 17:24:52 GMT
accept-ranges: bytes
content-length: 585682
date: Fri, 08 Dec 2023 15:15:35 GMT
server: LiteSpeed
access-control-allow-origin: *
X-Firefox-Spdy: h2