Report - giatocnhp.com/

Report Overview

Submitted URL
giatocnhp.com/
IP
103.130.216.150
ASN
#135951 Webico Company Limited
Submitted
2022-09-09 19:56:27
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	1.3 kB	3.5 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T08:37:51Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	44.238.3.246
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	331 B	700 B	142.250.74.3
giatocnhp.com	unknown			8.2 kB	4.5 MB	103.130.216.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T09:12:35Z	444 B	2.2 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	54 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-09	medium	giatocnhp.com/	Phishing
2022-09-09	medium	giatocnhp.com/assets/js/popper.min.js	Phishing
2022-09-09	medium	giatocnhp.com/assets/js/vendor/modernizr-2.8.3.min.js	Phishing
2022-09-09	medium	giatocnhp.com/assets/js/bootstrap.min.js	Phishing
2022-09-09	medium	giatocnhp.com/assets/js/vendor/jquery-1.12.4.min.js	Phishing
2022-09-09	medium	giatocnhp.com/assets/js/ajax-mail.js	Phishing
2022-09-09	medium	giatocnhp.com/assets/js/main.js	Phishing
2022-09-09	medium	giatocnhp.com/assets/js/plugins.js	Phishing
2022-09-09	medium	giatocnhp.com/assets/fonts/ionicons.ttf?v=2.0.0	Phishing
2022-09-09	medium	giatocnhp.com/assets/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing
2022-09-09	medium	giatocnhp.com/assets/images/NHP.ico	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	giatocnhp.com/assets/js/ajax-mail.js	1.2 kB	2023-03-07	2024-01-25
Pretty URL giatocnhp.com/assets/js/ajax-mail.js IP 103.130.216.150 ASN #135951 Webico Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:34 Last Seen2024-01-25 19:54:42 Times Seen56 Hash 4502c5c8a566110f3617ac2da4ce5bf1 7f549512b2548e11a4b46f02844ddc809ab29fd6 54d231cc9df05fd846703de91d66093bbeaf1a8ea9060beb207bd11a590826a3 Loading...

	giatocnhp.com/	1.2 kB	2023-03-17	2023-03-17
Pretty URL giatocnhp.com/ IP 103.130.216.150 ASN #135951 Webico Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:13 Last Seen2023-03-17 11:31:13 Times Seen1 Hash 62f3a0050224450d1601483c303b481e 4353e04819a8bd269a4bee9ec487ad3d0409eb32 db25aef6e7dada727879ccf9c96be610c99c2332487661775e95fb8e141ef045 Loading...

	giatocnhp.com/assets/js/popper.min.js	19 kB	2023-03-07	2024-04-20
Pretty URL giatocnhp.com/assets/js/popper.min.js IP 103.130.216.150 ASN #135951 Webico Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:31 Last Seen2024-04-20 22:43:11 Times Seen2003 Hash 3621381129597bf34d48a9e2623e05c9 edb00146d1636c247c7afaa61f11aad0c0fc5120 3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7 Loading...

	giatocnhp.com/assets/js/vendor/modernizr-2.8.3.min.js	16 kB	2023-03-07	2024-04-16
Pretty URL giatocnhp.com/assets/js/vendor/modernizr-2.8.3.min.js IP 103.130.216.150 ASN #135951 Webico Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:33 Last Seen2024-04-16 20:21:02 Times Seen1527 Hash da941a6e1e1df098744318f6d25ba13a 15f441d0df5a01efc674d62b88c0c95bf233656a 2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967 Loading...

	giatocnhp.com/assets/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-16
Pretty URL giatocnhp.com/assets/js/bootstrap.min.js IP 103.130.216.150 ASN #135951 Webico Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:27 Last Seen2024-04-16 17:29:26 Times Seen2702 Hash 46b549bdc90920f18a911f186b9dd75c 3c639c4af5c036a6ee364215bd12c0b12937827d 1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5 Loading...

	giatocnhp.com/assets/js/vendor/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-04-23
Pretty URL giatocnhp.com/assets/js/vendor/jquery-1.12.4.min.js IP 103.130.216.150 ASN #135951 Webico Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-23 09:23:38 Times Seen118635 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	giatocnhp.com/assets/js/main.js	5.6 kB	2023-03-17	2023-03-17
Pretty URL giatocnhp.com/assets/js/main.js IP 103.130.216.150 ASN #135951 Webico Company Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:31:13 Last Seen2023-03-17 11:31:13 Times Seen1 Hash 170b96eb3433e3c0a60ab8f57140b8ef df209c832d7fec96d43a62de1e4f8b51c93a95b3 d82cf26534f91d7d7dc2acd3e4d0d1a2ad172682b32efab57c5c56f5ef61412e Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 11:28:20 Times Seen37018807 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (45)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2190
Expires: Fri, 09 Sep 2022 20:32:46 GMT
Date: Fri, 09 Sep 2022 19:56:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 19:05:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YLGpTHlEcjHe7x0SzP4zAbXnHNTv6icfdcsr3E71CVUIsbn3o1YCKQ==
Age: 3021

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GEtxhiWFNEUvUkPzMKTUJmgNKS4oU_VnVR4bnY6imnKgPvbIYVlVTQ==
age: 58182
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:56:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:56:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

giatocnhp.com/

103.130.216.150

200 OK

24 kB

URL HTTP/1.1
giatocnhp.com/
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
24 kB (23786 bytes)
Hash
d2571165904402c1437be56a34a1516b
dc5d56253180aefdeba8645cc01e6b516d0ad63f
0e59fb369a30865dfb09f65d95bfbee96b8adcf0f8eb6d6e69021c9b604a4537

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Fri, 29 Jul 2022 16:49:35 GMT
etag: "5cea-62e40f9f-ddfe99a6b500ec3b;;;"
accept-ranges: bytes
content-length: 23786
date: Fri, 09 Sep 2022 19:56:16 GMT
server: LiteSpeed
vary: User-Agent

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

142.250.74.10

200 OK

1.4 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1431 bytes)
Hash
e94e32a55d15a49389a82372d0692c50
225186e87246814c37281a4176d9ffc4fb6a2ba3
88fd5c1c449e9c53689f48879756d044f7852d0967e3753a44c8b1b952a2dbde

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://giatocnhp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 19:56:16 GMT
date: Fri, 09 Sep 2022 19:56:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 19:56:07 GMT
Expires: Fri, 09 Sep 2022 20:52:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 13mGJYAD1In58vvJ3vS-QiSmK1FYBJHAiGyDk4XckdZ0z21walCEGw==
Age: 9

giatocnhp.com/assets/js/popper.min.js

103.130.216.150

200 OK

19 kB

URL HTTP/1.1
giatocnhp.com/assets/js/popper.min.js
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
ASCII text, with very long lines (18860)
Size
19 kB (18994 bytes)
Hash
3621381129597bf34d48a9e2623e05c9
edb00146d1636c247c7afaa61f11aad0c0fc5120
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/popper.min.js HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:16 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 22:22:06 GMT
etag: "4a32-60f89e0e-312e75fb30b9128d;;;"
accept-ranges: bytes
content-length: 18994
date: Fri, 09 Sep 2022 19:56:16 GMT
server: LiteSpeed
vary: User-Agent

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2221
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:56:16 GMT
Last-Modified: Fri, 09 Sep 2022 19:19:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

giatocnhp.com/assets/js/vendor/modernizr-2.8.3.min.js

103.130.216.150

200 OK

16 kB

URL HTTP/1.1
giatocnhp.com/assets/js/vendor/modernizr-2.8.3.min.js
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
HTML document, ASCII text, with very long lines (14856)
Size
16 kB (15514 bytes)
Hash
da941a6e1e1df098744318f6d25ba13a
15f441d0df5a01efc674d62b88c0c95bf233656a
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/modernizr-2.8.3.min.js HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:16 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 22:22:23 GMT
etag: "3c9a-60f89e1f-41ad9511223f34e6;;;"
accept-ranges: bytes
content-length: 15514
date: Fri, 09 Sep 2022 19:56:16 GMT
server: LiteSpeed
vary: User-Agent

push.services.mozilla.com/

44.238.3.246

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.3.246:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 65wgYJHqIvr+RBGP4okxRQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xeyGqy1MI7vukJmkLc9c13vMB/M=

giatocnhp.com/assets/js/bootstrap.min.js

103.130.216.150

200 OK

51 kB

URL HTTP/1.1
giatocnhp.com/assets/js/bootstrap.min.js
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
ASCII text, with very long lines (50277)
Size
51 kB (50564 bytes)
Hash
46b549bdc90920f18a911f186b9dd75c
3c639c4af5c036a6ee364215bd12c0b12937827d
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/bootstrap.min.js HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 22:22:06 GMT
etag: "c584-60f89e0e-25f521d1401dd82f;;;"
accept-ranges: bytes
content-length: 50564
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/css/bootstrap.min.css

103.130.216.150

200 OK

127 kB

URL HTTP/1.1
giatocnhp.com/assets/css/bootstrap.min.css
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
ASCII text, with very long lines (65318)
Size
127 kB (127343 bytes)
Hash
0866f647ccb0fc70bf377c29d60ec42a
befa2e8b1efb174a24b6415b7012e728e22aad47
e2505bfd636eb77e41cba322efed4158827eed4b1cf3218c2bde3eee8ab687d3

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:16 GMT
content-type: text/css
last-modified: Wed, 21 Jul 2021 22:22:04 GMT
etag: "1f16f-60f89e0c-d398e0fd0b3aa52c;;;"
accept-ranges: bytes
content-length: 127343
date: Fri, 09 Sep 2022 19:56:16 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/css/style.css

103.130.216.150

200 OK

69 kB

URL HTTP/1.1
giatocnhp.com/assets/css/style.css
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
ASCII text, with very long lines (996)
Size
69 kB (68995 bytes)
Hash
b6794cc291b9b6208bb4f1e601a95846
a9a14e4c179a9a351c500d832d878535ea4aa8ac
d89f27dc77200a336605c0c50f09ab8acac13b03a9cc44ac1d1b787c0c6fb5aa

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:16 GMT
content-type: text/css
last-modified: Wed, 21 Jul 2021 22:22:05 GMT
etag: "10d83-60f89e0d-5b12b82d43c53997;;;"
accept-ranges: bytes
content-length: 68995
date: Fri, 09 Sep 2022 19:56:16 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/js/vendor/jquery-1.12.4.min.js

103.130.216.150

200 OK

97 kB

URL HTTP/1.1
giatocnhp.com/assets/js/vendor/jquery-1.12.4.min.js
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
ASCII text, with very long lines (32077)
Size
97 kB (97163 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/vendor/jquery-1.12.4.min.js HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:16 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 22:22:23 GMT
etag: "17b8b-60f89e1f-5fd4fe0aac796fe5;;;"
accept-ranges: bytes
content-length: 97163
date: Fri, 09 Sep 2022 19:56:16 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/js/ajax-mail.js

103.130.216.150

200 OK

1.2 kB

URL HTTP/1.1
giatocnhp.com/assets/js/ajax-mail.js
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
ASCII text
Size
1.2 kB (1201 bytes)
Hash
4502c5c8a566110f3617ac2da4ce5bf1
7f549512b2548e11a4b46f02844ddc809ab29fd6
54d231cc9df05fd846703de91d66093bbeaf1a8ea9060beb207bd11a590826a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/ajax-mail.js HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 22:22:06 GMT
etag: "4b1-60f89e0e-1b9d900e3f5406c1;;;"
accept-ranges: bytes
content-length: 1201
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/js/main.js

103.130.216.150

200 OK

5.6 kB

URL HTTP/1.1
giatocnhp.com/assets/js/main.js
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
ASCII text
Size
5.6 kB (5619 bytes)
Hash
170b96eb3433e3c0a60ab8f57140b8ef
df209c832d7fec96d43a62de1e4f8b51c93a95b3
d82cf26534f91d7d7dc2acd3e4d0d1a2ad172682b32efab57c5c56f5ef61412e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/main.js HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 22:22:06 GMT
etag: "15f3-60f89e0e-7a0d82b72e3bea88;;;"
accept-ranges: bytes
content-length: 5619
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/js/plugins.js

103.130.216.150

200 OK

141 kB

URL HTTP/1.1
giatocnhp.com/assets/js/plugins.js
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
HTML document, ASCII text, with very long lines (42862)
Size
141 kB (141139 bytes)
Hash
fbfec93706e29aa8cfa41aa56262ad55
1370dd0a26ad4899a213b54645c8d77ee6b144b1
c5cbb6b36aaa55ffcbc1ab969f15f4990a0fd50ae5a0c2571cf8e5dd8652f7ae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/plugins.js HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: application/javascript
last-modified: Wed, 21 Jul 2021 22:22:06 GMT
etag: "22753-60f89e0e-4531d5a7d5f7b80f;;;"
accept-ranges: bytes
content-length: 141139
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/screenshot/001.png

103.130.216.150

200 OK

183 kB

URL HTTP/1.1
giatocnhp.com/assets/images/screenshot/001.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 273 x 578, 8-bit/color RGBA, non-interlaced\012- data
Size
183 kB (182830 bytes)
Hash
7b480bca36e5f2383e5ed1715ff0ab7f
274dffd1d26cc9b33ca7c19913ea8966d231845b
481a32bbc7ae625e1ea12dc95f23ce44f9934b29569298ccc0431730989ee449

HTTP Headers

GET /assets/images/screenshot/001.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 22:22:14 GMT
etag: "2ca2e-60f89e16-51022c9aef866b57;;;"
accept-ranges: bytes
content-length: 182830
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/logo/NHP.png

103.130.216.150

200 OK

5.0 kB

URL HTTP/1.1
giatocnhp.com/assets/images/logo/NHP.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 244 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5017 bytes)
Hash
a21b54fa9458968f486779aba813d5bf
991f1e4a21c536e8f520ebe8d5c025ce2cc09e6b
0cefb8699ac54404e21c4f640258ff36d71c30c53ac80f18be6429849b1ddcf7

HTTP Headers

GET /assets/images/logo/NHP.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 22:22:19 GMT
etag: "1399-60f89e1b-8e66006ee83b702a;;;"
accept-ranges: bytes
content-length: 5017
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/logo/NHP3.png

103.130.216.150

200 OK

5.7 kB

URL HTTP/1.1
giatocnhp.com/assets/images/logo/NHP3.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 244 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5671 bytes)
Hash
e8f5593b7fbba4ca3ad25fa1985d529b
2cf41c015bd4bae64d7a34ea9568b7a1b8f29bb6
f85d9aedcea37aa96b774bbf6546ad36f39588931c3363ee9f2cfba68b4eb70d

HTTP Headers

GET /assets/images/logo/NHP3.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 22:22:19 GMT
etag: "1627-60f89e1b-a0048eee1040bae2;;;"
accept-ranges: bytes
content-length: 5671
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/screenshot/006.png

103.130.216.150

200 OK

193 kB

URL HTTP/1.1
giatocnhp.com/assets/images/screenshot/006.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 273 x 578, 8-bit/color RGBA, non-interlaced\012- data
Size
193 kB (192816 bytes)
Hash
cfce054ca01b6f6a249451cde1148cc8
0e1e5e7f7be134f1333e6d043f3d5e361d7ec396
0c091cbd5282ba0aadb95f2ff5e4f12c238d8ffb32d85ae109fa411c8df189d8

HTTP Headers

GET /assets/images/screenshot/006.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 22:22:15 GMT
etag: "2f130-60f89e17-8c82b73102731b8f;;;"
accept-ranges: bytes
content-length: 192816
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/buonghang.png

103.130.216.150

200 OK

198 kB

URL HTTP/1.1
giatocnhp.com/buonghang.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 338 x 693, 8-bit/color RGBA, non-interlaced\012- data
Size
198 kB (198285 bytes)
Hash
4ae467d8439ae74f3cbf312b1e9ebf1c
122588844cd59721b301f3c48b62a79a48be8347
865f3a042d4d8823b512223e7e133ae26eca0026d73faec1a9944da91d1dcf17

HTTP Headers

GET /buonghang.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: image/png
last-modified: Thu, 22 Jul 2021 22:47:23 GMT
etag: "3068d-60f9f57b-6e7632b95cd37cc7;;;"
accept-ranges: bytes
content-length: 198285
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/screenshot/003.png

103.130.216.150

200 OK

190 kB

URL HTTP/1.1
giatocnhp.com/assets/images/screenshot/003.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 273 x 578, 8-bit/color RGBA, non-interlaced\012- data
Size
190 kB (190377 bytes)
Hash
547c209cb0a91e667e040a4578189a35
47cc2648acce24ac55f1518818a759c55a5a054e
fefcb34983005a6a8cd5dbd17dc6935412522181fce6a3ff6144bd4d8797c4c7

HTTP Headers

GET /assets/images/screenshot/003.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:17 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 22:22:13 GMT
etag: "2e7a9-60f89e15-f6e270801d6f34b4;;;"
accept-ranges: bytes
content-length: 190377
date: Fri, 09 Sep 2022 19:56:17 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/fonts/ionicons.ttf?v=2.0.0

103.130.216.150

200 OK

188 kB

URL HTTP/1.1
giatocnhp.com/assets/fonts/ionicons.ttf?v=2.0.0
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size
188 kB (188508 bytes)
Hash
24712f6c47821394fba7942fbb52c3b2
1b0a0de084905946a20300ca8c354865dec46764
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/assets/css/plugins.css

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: application/x-font-ttf
last-modified: Wed, 21 Jul 2021 22:22:11 GMT
etag: "2e05c-60f89e13-ab78506becd23c97;;;"
accept-ranges: bytes
content-length: 188508
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/slider/slider-02.png

103.130.216.150

200 OK

30 kB

URL HTTP/1.1
giatocnhp.com/assets/images/slider/slider-02.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 1920 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (29930 bytes)
Hash
4462fa9fc0d0e12aa0384de1de3cbb7f
43ab87d5350dc6ce2f0ddfc4dfc68f6868bf253f
3205c9a56ff2943d1ea3cf6de800d446d2df8fbe789bdf34e5c4829446541bf0

HTTP Headers

GET /assets/images/slider/slider-02.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 22:22:17 GMT
etag: "74ea-60f89e19-64d7c1a7c7a7c6;;;"
accept-ranges: bytes
content-length: 29930
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/icon/youtube.png

103.130.216.150

200 OK

16 kB

URL HTTP/1.1
giatocnhp.com/assets/images/icon/youtube.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 289 x 103, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15737 bytes)
Hash
3afb23549cb628fd4aab5db73f3668c3
54276caf76bb9b366fb82faddca5eb18dc0c08c8
8df24101a9f28e29af8b317cc9635bfc6545f56755a4d53f71fd10be83948e90

HTTP Headers

GET /assets/images/icon/youtube.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/png
last-modified: Sat, 11 Sep 2021 09:10:15 GMT
etag: "3d79-613c7277-e751e07e31e14db0;;;"
accept-ranges: bytes
content-length: 15737
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

103.130.216.150

200 OK

77 kB

URL HTTP/1.1
giatocnhp.com/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://giatocnhp.com/assets/css/plugins.css

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: font/woff2
last-modified: Wed, 21 Jul 2021 22:22:11 GMT
etag: "12d68-60f89e13-26cf9564e8e11637;;;"
accept-ranges: bytes
content-length: 77160
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/screenshot/009.png

103.130.216.150

200 OK

201 kB

URL HTTP/1.1
giatocnhp.com/assets/images/screenshot/009.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 273 x 578, 8-bit/color RGBA, non-interlaced\012- data
Size
201 kB (200843 bytes)
Hash
70aff42a84e94660a879b52a951a8f30
acfad0168a19d2ce443a669f4298c6c3a5e48dc7
201d2f0ceb0970b2f05480fdb30b7fc8d03010f17981ca47ede68049794d9d04

HTTP Headers

GET /assets/images/screenshot/009.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 22:22:16 GMT
etag: "3108b-60f89e18-7177d4c1efc88c6f;;;"
accept-ranges: bytes
content-length: 200843
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10295
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:56:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10295
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:56:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10295
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:56:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4532 bytes)
Hash
a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 75680
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.1 kB (3125 bytes)
Hash
0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 55404
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4002 bytes)
Hash
c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 78663
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10950 bytes)
Hash
15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:59 GMT
age: 78799
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8354 bytes)
Hash
7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: e7ec7e84-0924-4f5f-b289-4c750ea99567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHHnNIAMFlrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-49565105361ec7f76cb818e0;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DvCs6zEt1p58iwZaXfuF9YFA-fieE5Y974E07YMNYPiaGbR5iuXK-A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 79827
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16161 bytes)
Hash
25f5b03125ec15193e9dc0970050c2c5
712d9774b838f4d0ade26b674e8d038295cf3a6b
858d64da226534e5a96cb11fedeee1d1d55c0ac9e54a1f98d10e29be0d39eca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16161
x-amzn-requestid: 041df785-47cb-476f-9c22-d1f776c34bdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThG4uoAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-66d92cab4181c30f66fe59c3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WB79ZqWSIlt3JU8KdLx7tROSorUqBoLEB7wdLSDotNfYOfz53wEB7w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:53:13 GMT
age: 79385
etag: "712d9774b838f4d0ade26b674e8d038295cf3a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

giatocnhp.com/assets/images/screenshot/tran.png

103.130.216.150

200 OK

119 kB

URL HTTP/1.1
giatocnhp.com/assets/images/screenshot/tran.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 237 x 513, 8-bit/color RGB, non-interlaced\012- data
Size
119 kB (119187 bytes)
Hash
0a8540315c8fd35a72646c1a53717ed0
c1a67293377d8c0426f9ce7263ca4f63bff52dad
a621340d4ddea8d9c68cad8e6d381b03c993ca3d2e9ce35784301241a93d7f83

HTTP Headers

GET /assets/images/screenshot/tran.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/png
last-modified: Fri, 23 Jul 2021 22:34:33 GMT
etag: "1d193-60fb43f9-82c6ac46767a4d96;;;"
accept-ranges: bytes
content-length: 119187
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/screenshot/011.png

103.130.216.150

200 OK

141 kB

URL HTTP/1.1
giatocnhp.com/assets/images/screenshot/011.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 946x2048, components 3\012- data
Size
141 kB (140562 bytes)
Hash
eb98c477fd94e4828bea36eee41a88bb
655d95b0cc0866e039a22322925e56f7ea794bf9
ee50dd82af3436d012f8fd5612641357e3588d597f04925e1e5a03e0abaad0d0

HTTP Headers

GET /assets/images/screenshot/011.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/png
last-modified: Mon, 23 Aug 2021 12:48:49 GMT
etag: "22512-61239931-28b70fd0a0636091;;;"
accept-ranges: bytes
content-length: 140562
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/screenshot/004.png

103.130.216.150

200 OK

847 kB

URL HTTP/1.1
giatocnhp.com/assets/images/screenshot/004.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 946 x 2048, 8-bit/color RGB, non-interlaced\012- data
Size
847 kB (846911 bytes)
Hash
34c492bff716d67131e58667ac6b8881
42e88eef0982aaa90e663daa123899bdb1806dc5
dbbcd4507c12345cba93c1f3e621c396a88bd8b9bf0af3e1c20702e3465a9ee3

HTTP Headers

GET /assets/images/screenshot/004.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/png
last-modified: Mon, 23 Aug 2021 12:53:47 GMT
etag: "cec3f-61239a5b-e0b70b0a57a0da6a;;;"
accept-ranges: bytes
content-length: 846911
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/about/2.png

103.130.216.150

200 OK

1.5 MB

URL HTTP/1.1
giatocnhp.com/assets/images/about/2.png
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 980 x 1132, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 MB (1479659 bytes)
Hash
efe308dc5ef2b2e266cf97af738b760a
e30222c59d97b355b1e9c707117b24ccd2097483
d12871ef23100f0bbdc2e974295730658e6aa5ef693955ffe38e1cc7c59ab0e1

HTTP Headers

GET /assets/images/about/2.png HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/png
last-modified: Tue, 07 Dec 2021 16:21:30 GMT
etag: "1693eb-61af8a0a-fe7842cba2196650;;;"
accept-ranges: bytes
content-length: 1479659
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/images/NHP.ico

103.130.216.150

200 OK

61 kB

URL HTTP/1.1
giatocnhp.com/assets/images/NHP.ico
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
61 kB (60596 bytes)
Hash
08c14dde1b3e50244acc55e5a18ddc17
dbf7492bca3276dddde0d08a6acd9ba91c38509a
5a12e8021dfd565c81a06ed57c397d960f67b9261d1225f2e66059c2a5d9630c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/images/NHP.ico HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:18 GMT
content-type: image/x-icon
last-modified: Wed, 21 Jul 2021 22:22:05 GMT
etag: "ecb4-60f89e0d-99789e60a37d2127;;;"
accept-ranges: bytes
content-length: 60596
date: Fri, 09 Sep 2022 19:56:18 GMT
server: LiteSpeed
vary: User-Agent

giatocnhp.com/assets/css/plugins.css

103.130.216.150

200 OK

0 B

URL HTTP/1.1
giatocnhp.com/assets/css/plugins.css
IP
103.130.216.150:0
ASN
#135951 Webico Company Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/css/plugins.css HTTP/1.1
Host: giatocnhp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://giatocnhp.com/

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 16 Sep 2022 19:56:16 GMT
content-type: text/css
last-modified: Wed, 21 Jul 2021 22:22:04 GMT
etag: "3f302-60f89e0c-3708c3931eeb61a9;;;"
accept-ranges: bytes
content-length: 258818
date: Fri, 09 Sep 2022 19:56:16 GMT
server: LiteSpeed
vary: User-Agent

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL HTTP/1.1