| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303 | 104.26.0.51 | 301 Moved Permanently | 0 B |
URL (HTTP/1.1): ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303 IP: 104.26.0.51:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| openphish | Huntington Bank | |
| NIDS | Severity | Alert |
| suricata | medium | ET PHISHING Possible Compromised Wordpress - Generic Phishing Landing 2018-01-22 |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 12:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Feb 2023 13:15:19 GMT
Location: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Fn5ju4b9wsEq2Po68rf6%2Fx7%2FTeOpL1oxxiJQQNHL5Tne7yCvgt2COsWiROJNir7y7KOZ33klru%2F2StQPt227i0eNKMiT3QFe1iDRs4dy5UgN9WPNAFOEYxtccjYqn5O"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7953cf83e801b506-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: c21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20621
Expires: Mon, 06 Feb 2023 17:59:00 GMT
Date: Mon, 06 Feb 2023 12:15:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: 1cdc095521e9ee2606059be447d1fdd5 02b5d0a5b5823e2338daf7e144700babe2a213af 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12267
Expires: Mon, 06 Feb 2023 15:39:46 GMT
Date: Mon, 06 Feb 2023 12:15:19 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/ IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash: ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 11:36:27 GMT
content-type: application/json
age: 2332
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8823
Expires: Mon, 06 Feb 2023 14:42:22 GMT
Date: Mon, 06 Feb 2023 12:15:19 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ywfvflcQP9uv9i3zSGQfq1EEl5el+XhTxUNXr68XGxLon4i077Mil20d4JqDqd+HezG5YBJVaSU=
x-amz-request-id: PK17WFWYYP1N9A9J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 11:24:55 GMT
age: 3025
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL (HTTP/2): contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 12:15:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/aJ5_o_MKP7Y | 142.250.74.131 | 200 OK | 471 B |
URL (HTTP/1.1): ocsp.pki.goog/s/gts1p5/aJ5_o_MKP7Y IP: 142.250.74.131:0
Hash: c8bbe8e3b9932682550fb2870be8dfa8 6fef2408a29fa0516de2a6dc121f1cb2cd869a4f 3b303425f5512a8de6e511b02da57e8b8c9c0d01dd7db2d79271e9b5b646540c
POST /s/gts1p5/aJ5_o_MKP7Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, Pragma, Alert, Cache-Control, Content-Length, Expires, Retry-After, Backoff, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 12:07:20 GMT
age: 480
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: dedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2956
Expires: Mon, 06 Feb 2023 13:04:36 GMT
Date: Mon, 06 Feb 2023 12:15:20 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 54.186.4.248 | 101 Switching Protocols | 0 B |
URL (HTTP/1.1): push.services.mozilla.com/ IP: 54.186.4.248:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XMjH9Q5NLT42xtfFFYFh7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ad58Mj7cvNoLA08azNIzz/11x9w=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12159
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 12:15:22 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12159
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 12:15:22 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 ASN: #20940 Akamai International B.V.
Hash: 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12159
Expires: Mon, 06 Feb 2023 15:38:01 GMT
Date: Mon, 06 Feb 2023 12:15:22 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 714723c38877e0d1655c7118a88ec064 809a42ce7c76cea0ce16af8172d852723c3a5f02 6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WPChtMRjKafjMFkXCam-m5lHQ-4E-UZ5VwnfjrBKaz6nuOh70Fkunw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:46 GMT
age: 51156
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 9046d887fd45a0940e31a74173d17798 1ff698b9cf660165e846dfc4770f29852aedce45 0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 51913
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg | 34.120.237.76 | 200 OK | 7.9 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: 13572f84ad268caedcc897f2ad7b9baf afb91ab43953e8915a2169618d2ab5e330cde0a1 0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: F-bdQPU-zYhIlXtxcW_TiqE8ifPg3i0cg8gFuvJSfwoMDTe-Hqy1jg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:47 GMT
age: 51155
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: ccc8078cc937b7de0b299bcee1496f1b 395f04af71767acc9516387c8b07bde08968fdfe cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 50668
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: f267c5cee67458c0f6ef42c4feb5217e f5092ce77834e8f1f245b987204ff6a194c38ef6 84c5cde3d7e06e6dd32d1c98172606c8d912c7032a4677f8851e42e4b195e420
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd67ec8ef-bdc5-4f9b-a7be-c0d8b932923a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9451
x-amzn-requestid: 3f95347b-f0bf-43dd-90fc-5087bf0de607
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okJGUCoAMF0sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214d-53d6a2de41af72770b086196;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jmGGGqJoMe4zt4RqNID5Xo7SVaWVAIAYf9s9YcduklkfdFnYniULOA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:03 GMT
age: 51859
etag: "f5092ce77834e8f1f245b987204ff6a194c38ef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash: b3e7140400336984afc6093c1246f863 59e0b21cdf4cfdac3f1ea05badd007727939ac42 4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:15:34 GMT
age: 79188
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/.well-known/error.png | 104.26.1.51 | 200 OK | 79 kB |
URL (HTTP/2): ntutdc1995.com/.well-known/error.png IP: 104.26.1.51:0
File type: PNG image data, 480 x 488, 8-bit/color RGBA, non-interlaced, data
Hash: f291b2d5962b8494d1f6667783956517 23076520a8341d3285b74b8533b941dd70fa6668 88d9b916a02116cd0868e5c0e172a7ef4ae77edd898d8aaee536f0c531b4f459
GET /.well-known/error.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: image/png
content-length: 79237
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=87484
etag: "63c8f6d1-155bc"
expires: Mon, 27 Feb 2023 12:07:45 GMT
last-modified: Thu, 19 Jan 2023 07:52:49 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13291
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwjdx3v%2BM6ehij0DyXS0hZf1AjiA58fMdi7VHYvoiX6Ct4fUIn8NLMq5x94YsLuZknxL77IYhPDfOk5M5Vwgt0eMrP1FN%2BEANYz5a46U%2BqhE%2FzmUzeKaiOaYg3Ip%2Fzcz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cf9c1f631bfe-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/uploads/2019/01/facebook-2-300x300.png | 104.26.1.51 | 200 OK | 49 kB |
URL: HTTP/2 ntutdc1995.com/wp-content/uploads/2019/01/facebook-2-300x300.png
IP: 104.26.1.51:0
File type: PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash: 7e58195c2559117128723aa4bf144c03 2bd56faf3f6b66937cecdf4e0147c33f62b0ff0e 2b577a467dfb33f6695cb4bc6e121de7f75d8753ff20b033e29e73becd443d3d
GET /wp-content/uploads/2019/01/facebook-2-300x300.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: image/png
content-length: 48580
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=52362
etag: "5ffaf955-cc8a"
expires: Tue, 07 Mar 2023 12:13:52 GMT
last-modified: Sun, 10 Jan 2021 12:55:49 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13291
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Flf8EhGv8AZMIAQjiE5UC1UM8Gql4pWCxkUYMJWUi%2BxOhH3nMDzwbEUvWowF0Kb%2BitoDTBVIsBGvB2O7xOp%2FDDQFzNakqLuad93WSZpY1pacn2tqlvepuzV96jAWGgth"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cf9c4fcb1bfe-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/uploads/2019/01/instagram-4-300x300.png | 104.26.1.51 | 200 OK | 54 kB |
URL: HTTP/2 ntutdc1995.com/wp-content/uploads/2019/01/instagram-4-300x300.png
IP: 104.26.1.51:0
File type: PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash: 576fab78a92216907ec5c2a92896fe44 c7e1ab7076866b393ee7138796690ae46e423e27 54009500be87011054dd9080d431a8093914b99cd4766d1eb53708f792cb726f
GET /wp-content/uploads/2019/01/instagram-4-300x300.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: image/png
content-length: 54433
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=58171
etag: "5ffaf952-e33b"
expires: Mon, 20 Feb 2023 04:05:43 GMT
last-modified: Sun, 10 Jan 2021 12:55:46 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13291
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRbG8a7klti%2B5jKM4sgmHrv0aoXF41fl1DKX7j7GyIbEmSRrdHoh3cSVEsmU79tZSXYn%2FR%2BaRVOAf3XCHTSNxxRb8SB7vKIHFMPGupFEMEL25Hm8r9EG9W8s%2BScdhHeK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cf9c5fd01bfe-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/uploads/2019/01/youtube-3-300x300.png | 104.26.1.51 | 200 OK | 50 kB |
URL: HTTP/2 ntutdc1995.com/wp-content/uploads/2019/01/youtube-3-300x300.png
IP: 104.26.1.51:0
File type: PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash: ec4c4ddec6a37329c0057da8a6544f3e 6dd1c9d52017cd4014742ddb4f225b182b0ef91c 9d7902b9ae3bbb5b0f7ac37c99f429d6d65bc79509e878728ee16146f3270ed8
GET /wp-content/uploads/2019/01/youtube-3-300x300.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: image/png
content-length: 50246
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=54161
etag: "5ffaf959-d391"
expires: Sun, 26 Feb 2023 01:50:10 GMT
last-modified: Sun, 10 Jan 2021 12:55:53 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13291
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Bw46BC1Q%2FwoPpkijvCLez8MJq0oalRE%2BSCLHwI849UGupC%2BSJhBr96GRG2w8iaCAKdOXPeQ%2FLZaABXPrhQe1IGlbKCwMXTUIG9p4GAWZJnd3jGJ%2BmPw8U0m%2FPhwqkD2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cf9c5fd21bfe-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: 8e6c8a904a6275f4d478ff38411ca6b7 36f7ab0cfcd1da5101ce8d9e385e3a31061d029d a3147f1f023affaf8a81efa9c13663417dab8d8cad5a5b676484a9944c008410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4148
Cache-Control: max-age=142970
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:23 GMT
Etag: "63e06aa1-118"
Expires: Wed, 08 Feb 2023 03:58:13 GMT
Last-Modified: Mon, 06 Feb 2023 02:49:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: 8e6c8a904a6275f4d478ff38411ca6b7 36f7ab0cfcd1da5101ce8d9e385e3a31061d029d a3147f1f023affaf8a81efa9c13663417dab8d8cad5a5b676484a9944c008410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4148
Cache-Control: max-age=142970
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:23 GMT
Etag: "63e06aa1-118"
Expires: Wed, 08 Feb 2023 03:58:13 GMT
Last-Modified: Mon, 06 Feb 2023 02:49:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: 370e74ead61664d84985db7a9087c0e4 7c55daf6c9231e1586a0c9d48375766e7f02405f ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:23 GMT
Last-Modified: Mon, 06 Feb 2023 11:00:44 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 9206c3ba6d5a17d62244c438fd03496e 069e8257aebe618953434b1299d065540125a512 937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 104.17.24.14 | 200 OK | 6.2 kB |
URL: HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP: 104.17.24.14:0
File type: ASCII text, with very long lines (19015)
Hash: 7b4114faa411d059a9a5ac4b5b4d9dee 277da4486916fa3a4ab3375f47bc98f58dbf90f6 60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7498266
expires: Sat, 27 Jan 2024 12:15:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Nt4R%2F%2FrRrEw2zaxHoMXHK5L1rkSxxxsP9FnbvJgvBpZoqGTyJJbIpLdAcHfHw5WtRujSmoB%2Bp%2FVlC3zYZbacHr%2F4hhEGNB%2BUDMh0FlbKBiY97cv5bo5i%2FWMJo%2FVEW6JQWeZIuJr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7953cf9d59cdb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/js/menu.js?ver=17.3 | 104.26.1.51 | 200 OK | 1.3 kB |
URL: HTTP/2 ntutdc1995.com/wp-content/themes/betheme/js/menu.js?ver=17.3
IP: 104.26.1.51:0
Hash: 40a36b81ab6aca5799df96e0913601a3 c0f2ca7e8a63daadd0cbe09591d5f39123f66476 288afa3e0e4a473f9197eb1def42943cf22039459f00821ba0d16deb4148dc61
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/js/menu.js?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:19:18 GMT
vary: Accept-Encoding
etag: W/"5f9607f6-991"
expires: Mon, 06 Feb 2023 18:07:50 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9wKaKFqVG6qErzvhurn816kTb%2Bc71Urluxa45ecf7hrc6%2BYWk86mshHn6hTyREJ96%2BH2NwuJ1zjN4inTDbQLZuSM4arE50Q8km3fZRmt5BCsrJM%2BcL%2BN1kYP3%2BdtgyC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd85a1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.slim.min.js | 69.16.175.10 | 200 OK | 24 kB |
URL: HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js
IP: 69.16.175.10:0
File type: ASCII text, with very long lines (32012)
Hash: 30f5157a965bc792a83e9bacfe265f03 8330886371fe27f3cbac509e0ac9712207574c66 4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1675685723.dop214.sk1.t,1675685723.cds211.sk1.hn,1675685723.cds235.sk1.c
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.3 | 104.26.1.51 | 200 OK | 1.1 kB |
URL: HTTP/2 ntutdc1995.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.3
IP: 104.26.1.51:0
File type: ASCII text, with very long lines (1723)
Hash: a62ccf7e9eea52cce869d168cdca798c 2eb96339fcaf7767d7316fb64adaccf11ab8db95 818861d66b6e5e0b8ba4262b18f148865be99f1dd943cd6f62969e049cea77b4
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:29:53 GMT
vary: Accept-Encoding
etag: W/"5f960a71-768"
expires: Mon, 06 Feb 2023 12:24:39 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1oo3gGXVNGBfrVF6ZfyYVeWyIUlLZWsLxK2exCtEdnHBAZ9QAAK%2FwSxlEz465DUpEsOJmnE%2BTvMvoUiNiYtawf5xKpAh%2B4E2dGcwJTbDYTl%2FAWjcm2%2FnJBMEKobCQYy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd85c1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: 8e6c8a904a6275f4d478ff38411ca6b7 36f7ab0cfcd1da5101ce8d9e385e3a31061d029d a3147f1f023affaf8a81efa9c13663417dab8d8cad5a5b676484a9944c008410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2869
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:23 GMT
Last-Modified: Mon, 06 Feb 2023 11:27:34 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
|
|
| www.googletagmanager.com/gtag/js?id=UA-132704531-1 | 142.250.74.40 | 200 OK | 44 kB |
URL: HTTP/2 www.googletagmanager.com/gtag/js?id=UA-132704531-1
IP: 142.250.74.40:0
File type: ASCII text, with very long lines (1759)
Hash: 9eee11d76d73f47a866ab32811f2601e 1559211a4afdb6f7cfc0b00fffbb56f6981d5072 d1e2a714c94096f9a73e3132b5c2bc07d600ee89592a00ea5c816ba1da32c931
GET /gtag/js?id=UA-132704531-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 12:15:23 GMT
expires: Mon, 06 Feb 2023 12:15:23 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 | 104.26.1.51 | 200 OK | 3.1 kB |
URL: HTTP/2 ntutdc1995.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP: 104.26.1.51:0
File type: ASCII text, with very long lines (8361)
Hash: 0db77833c2936d334389b3d72938509a 7e34aecf3ae3bd1981ffd6cd7273a7dcbb7d93e4 d4f1f16561452a99754bdbd7a095b884367cfbfb9dbf1c15740d173b9ffae677
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:37 GMT
vary: Accept-Encoding
etag: W/"63d39db9-2188"
expires: Mon, 06 Feb 2023 12:24:38 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z17t%2BJhP8qxMYSpuX5YQ6mVLT%2F3vF%2Fbm6%2Flx429E%2FgJYf4Ifx9Igdc5mbnFBEtAEDC4M7Q0mmxi9u8yu2hWC%2BBSD3YAAXfQb4eJm8nT%2BAOJrYOdYp7KcSJDS4KhhuceP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd8571bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-58BNWM0NZW | 142.250.74.40 | 200 OK | 80 kB |
URL: HTTP/2 www.googletagmanager.com/gtag/js?id=G-58BNWM0NZW
IP: 142.250.74.40:0
File type: ASCII text, with very long lines (25667)
Hash: c8d71753d3f620544bd4b5a8c2235941 0cd7b57ae6992dacacde04e1b8e08bfa47ea8a6f 9fdd08f4a6bf104a88580a8ab058a1d7fbd909a640d72a997ac93574b52d2c80
GET /gtag/js?id=G-58BNWM0NZW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 12:15:23 GMT
expires: Mon, 06 Feb 2023 12:15:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash: 9206c3ba6d5a17d62244c438fd03496e 069e8257aebe618953434b1299d065540125a512 937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ntutdc1995.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 | 104.26.1.51 | 200 OK | 4.5 kB |
URL: HTTP/2 ntutdc1995.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP: 104.26.1.51:0
File type: ASCII text, with very long lines (11897)
Hash: 007b8e0c076c6ac0a84ad1710f07758f 2d20f8f7bb05bdb6a332936f4f813e585e9f7564 140df0f5dde09b0bd934b026b8765c0bde8853fc973e0e0cacc451ddcf315d82
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:41 GMT
vary: Accept-Encoding
etag: W/"63d39dbd-2f4e"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGgycJ%2FN%2BweaIDnULFBpTOHA9aS5BX30oizQurAQ63sKwEYYN5QDEus%2FW2BIVFVmGM%2F9RBVvtbUJZsdkG6gYxttYc6JQZHLjqzKB7uMmCLco127thV8XfsfGBQ3Mx6aU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd8541bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/js/plugins.js?ver=17.3 | 104.26.1.51 | 200 OK | 54 kB |
URL: HTTP/2 ntutdc1995.com/wp-content/themes/betheme/js/plugins.js?ver=17.3
IP: 104.26.1.51:0
File type: ASCII text, with very long lines (32011)
Hash: c55e6f2dcb2bdc07c4c5264591eceb0b e1282b52ca3e43e00d3cc35c8ce87f8144f5578d dce99c7eab5379778b63559ed9023e73aef7e9dc3711d471fa345ab3b43b263e
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/js/plugins.js?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:19:18 GMT
vary: Accept-Encoding
etag: W/"5f9607f6-3014a"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS2vHzr81qLjS%2FR1nut%2BwZXtl5KnVUlVhFHwZb5ZQ%2FvNz%2BhRviUnhvyloT7wbAPVP45b9ntsLHHnF6jpJwRp%2FedYO8oyHt0YqE3li95Hu0BQ%2BKF8lmg7XfyuryPY3lpD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd8581bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 836bc62dbb011b6180fc7209d0061736 74e6f18561a7006a3afb6ab03559eec239ce4b36 90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/monda/v16/TK3tWkYFABsmjsphPho.woff2 | 142.250.74.35 | 200 OK | 18 kB |
URL: HTTP/2 fonts.gstatic.com/s/monda/v16/TK3tWkYFABsmjsphPho.woff2
IP: 142.250.74.35:0
File type: Web Open Font Format (Version 2), TrueType, length 17784, version 1.0\012- data
Hash: 237d8f26b55375f37c1863feef49eb0b 524e328b13f56784db5d7a60bcb6568dd21b4a64 28ce23ce073ab795fc6e49485c0ba2a48db59d46fa14f12f486828769280d76e
GET /s/monda/v16/TK3tWkYFABsmjsphPho.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 15:36:31 GMT
expires: Fri, 02 Feb 2024 15:36:31 GMT
cache-control: public, max-age=31536000
age: 333533
last-modified: Tue, 26 Apr 2022 15:27:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/monda/v16/TK3gWkYFABsmjsLaGw8Eneo.woff2 | 142.250.74.35 | 200 OK | 18 kB |
URL: HTTP/2 fonts.gstatic.com/s/monda/v16/TK3gWkYFABsmjsLaGw8Eneo.woff2
IP: 142.250.74.35:0
File type: Web Open Font Format (Version 2), TrueType, length 18172, version 1.0\012- data
Hash: 2321513c9faf30093cc8f0ae38ce998e cf325627c752ad59c6b25723ba5d33b068c8c9a7 e9a1d1e6ce35321fcae0d375d7882bc63f86ceb8a94be3948d6aaed013562128
GET /s/monda/v16/TK3gWkYFABsmjsLaGw8Eneo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:32:49 GMT
expires: Wed, 31 Jan 2024 04:32:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:27:51 GMT
content-type: font/woff2
age: 546155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash: 836bc62dbb011b6180fc7209d0061736 74e6f18561a7006a3afb6ab03559eec239ce4b36 90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 12:15:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ntutdc1995.com/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439 | 104.26.1.51 | 200 OK | 81 kB |
URL: HTTP/2 ntutdc1995.com/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439
IP: 104.26.1.51:0
File type: Web Open Font Format, TrueType, length 80636, version 1.0\012- data
Hash: 3da843d15ed5d4d39e269cfbad8345fb 1d915a3fd051f9e9cf6f545dfe31939fdb368738 f6134456d89988ada75cfdf21df40c6abdccccf01b48a669add0223f3fa38ec4
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/fonts/mfn-icons.woff?23391439 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/themes/betheme/css/base.css?ver=17.3
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:24 GMT
content-type: font/woff
content-length: 80636
last-modified: Sun, 25 Oct 2020 23:19:10 GMT
etag: "5f9607ee-13afc"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elZdyBk9E15TgSHcAvoFALHtlOzRi4GGD76v8RugzziezmM4dmwkX6ALX9vR5PxlaBEhq6kvGJLOo59bNtgrcVNvKBzds1MtRvIJkRZNqHEb9LCCuEXsclNlSi0oNZvd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cf9f2a9b1bfe-OSL
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.46 | 200 OK | 20 kB |
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 11:45:20 GMT
expires: Mon, 06 Feb 2023 13:45:20 GMT
cache-control: public, max-age=7200
age: 1804
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/uploads/2019/01/logosize_512px.png | 104.26.1.51 | 200 OK | 81 kB |
URL HTTP/2 ntutdc1995.com/wp-content/uploads/2019/01/logosize_512px.png IP 104.26.1.51:0
File type PNG image data, 513 x 513, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a19c6ddd2c46fde29cfdb250e8df472 63fd7d33414f19877e3f6ff318c9ec1fb73898d5 3936b28122a43cdb28a268a2e9d8159db6e0a9e159d70add54c0706afd4c3924
GET /wp-content/uploads/2019/01/logosize_512px.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc; _ga_58BNWM0NZW=GS1.1.1675685769.1.0.1675685769.0.0.0; _ga=GA1.1.1372755308.1675685769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:24 GMT
content-type: image/png
content-length: 80813
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=84743
etag: "5f960829-14b07"
expires: Tue, 07 Mar 2023 12:14:55 GMT
last-modified: Sun, 25 Oct 2020 23:20:09 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13288
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGSQwLT%2FVpe6DkiNoias%2FdmjJi%2BTlkzMsEI65uQXP61YoIlAnrbREdn%2B9QwH%2B9w5oI4Kg1qH%2BZwYm3gmMmL9gc2cRQUu3GWejN4HFL9W5vKLWpOjoVCjqAi02T0%2Fy6%2Br"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cfa38f3e1bfe-OSL
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/j/collect?v=1&_v=j99&a=1234064623&t=pageview&_s=1&dl=https%3A%2F%2Fntutdc1995.com%2Fwp-content%2Fplugins%2Fadvanced-floating-content%2Flanguages%2F90dd4e35102a48ddb8a84718ac0c39c1%2Fmail%2Fspectrum%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303%26session%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20%E8%87%BA%E5%A4%A7%E7%9B%83%E7%86%B1%E8%88%9E%E5%A4%A7%E8%B3%BD&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1961815811&gjid=1228487881&cid=1372755308.1675685769&tid=UA-132704531-1&_gid=846846787.1675685770&_r=1&_slc=1&gtm=457e3210&z=759134335 | 142.250.74.46 | 200 OK | 2 B |
URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1234064623&t=pageview&_s=1&dl=https%3A%2F%2Fntutdc1995.com%2Fwp-content%2Fplugins%2Fadvanced-floating-content%2Flanguages%2F90dd4e35102a48ddb8a84718ac0c39c1%2Fmail%2Fspectrum%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303%26session%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20%E8%87%BA%E5%A4%A7%E7%9B%83%E7%86%B1%E8%88%9E%E5%A4%A7%E8%B3%BD&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1961815811&gjid=1228487881&cid=1372755308.1675685769&tid=UA-132704531-1&_gid=846846787.1675685770&_r=1&_slc=1&gtm=457e3210&z=759134335 IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f 6fe62d0dd7db314b7f9bb945672f078e01d27f0f a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1234064623&t=pageview&_s=1&dl=https%3A%2F%2Fntutdc1995.com%2Fwp-content%2Fplugins%2Fadvanced-floating-content%2Flanguages%2F90dd4e35102a48ddb8a84718ac0c39c1%2Fmail%2Fspectrum%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303%26session%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20%E8%87%BA%E5%A4%A7%E7%9B%83%E7%86%B1%E8%88%9E%E5%A4%A7%E8%B3%BD&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAUABAAAAACAAI~&jid=1961815811&gjid=1228487881&cid=1372755308.1675685769&tid=UA-132704531-1&_gid=846846787.1675685770&_r=1&_slc=1&gtm=457e3210&z=759134335 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://ntutdc1995.com
date: Mon, 06 Feb 2023 12:15:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-58BNWM0NZW&gtm=45je3210&_p=1234064623&cid=1372755308.1675685769&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675685769&sct=1&seg=0&dl=https%3A%2F%2Fntutdc1995.com%2Fwp-content%2Fplugins%2Fadvanced-floating-content%2Flanguages%2F90dd4e35102a48ddb8a84718ac0c39c1%2Fmail%2Fspectrum%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303%26session%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&dt=Page%20not%20found%20-%20%E8%87%BA%E5%A4%A7%E7%9B%83%E7%86%B1%E8%88%9E%E5%A4%A7%E8%B3%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-58BNWM0NZW&gtm=45je3210&_p=1234064623&cid=1372755308.1675685769&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675685769&sct=1&seg=0&dl=https%3A%2F%2Fntutdc1995.com%2Fwp-content%2Fplugins%2Fadvanced-floating-content%2Flanguages%2F90dd4e35102a48ddb8a84718ac0c39c1%2Fmail%2Fspectrum%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303%26session%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&dt=Page%20not%20found%20-%20%E8%87%BA%E5%A4%A7%E7%9B%83%E7%86%B1%E8%88%9E%E5%A4%A7%E8%B3%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-58BNWM0NZW&gtm=45je3210&_p=1234064623&cid=1372755308.1675685769&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675685769&sct=1&seg=0&dl=https%3A%2F%2Fntutdc1995.com%2Fwp-content%2Fplugins%2Fadvanced-floating-content%2Flanguages%2F90dd4e35102a48ddb8a84718ac0c39c1%2Fmail%2Fspectrum%2Flogin.html%3Fcmd%3Dlogin_submit%26id%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303%26session%3D156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&dt=Page%20not%20found%20-%20%E8%87%BA%E5%A4%A7%E7%9B%83%E7%86%B1%E8%88%9E%E5%A4%A7%E8%B3%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://ntutdc1995.com
date: Mon, 06 Feb 2023 12:15:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/uploads/2019/01/cropped-logosize_512px-192x192.png | 104.26.1.51 | 200 OK | 28 kB |
URL HTTP/2 ntutdc1995.com/wp-content/uploads/2019/01/cropped-logosize_512px-192x192.png IP 104.26.1.51:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash d16d7230faddd952772b08212fb45f8b f13122549c8e784b795d2911fe03116299576f22 dec767bdb62f60cbafda06c88cdd3b472b63533c703d707e20fac419b5aa19c9
GET /wp-content/uploads/2019/01/cropped-logosize_512px-192x192.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc; _ga_58BNWM0NZW=GS1.1.1675685769.1.0.1675685769.0.0.0; _ga=GA1.1.1372755308.1675685769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:25 GMT
content-type: image/png
content-length: 27687
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=34634
etag: "5f960817-874a"
expires: Tue, 28 Feb 2023 17:10:20 GMT
last-modified: Sun, 25 Oct 2020 23:19:51 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6m8m%2BDVRtZhge5RwZpRNRbcsuKuQFBMVw9NgWKlqUh6%2BP00%2FJBsABV5qEpkDMi5Mbf%2FtzjtNMZIbEAGarQj3mB4Ii67JifwX9zH2w5zFdzf6%2FG40pMgEbOpMnOmqBO6L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cfa38f3d1bfe-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/images/box_shadow.png | 104.26.1.51 | 200 OK | 108 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/images/box_shadow.png IP 104.26.1.51:0
File type PNG image data, 5 x 3, 2-bit colormap, non-interlaced\012- data
Hash 449d9ef55c135a86ebd8ec91c7f170e6 acbb68ea104cfdd08081c66ce8a151e4668ef313 3f10d52942270b9e2da36af3915028bd73dfab3703bc13f060234cb0aa5bae2f
GET /wp-content/themes/betheme/images/box_shadow.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/themes/betheme/css/shortcodes.css?ver=17.3
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:25 GMT
content-type: image/png
content-length: 108
cache-control: max-age=2592000
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
etag: "5f9607f2-6c"
expires: Tue, 07 Mar 2023 11:01:07 GMT
last-modified: Sun, 25 Oct 2020 23:19:14 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Bqn8f9ySiVR%2Bk7V7apPa4gMTKQRpJ%2FF4cfcOELbe5BZiXOnEowl%2B%2FMaBDciA0ydUwbv1tXgBkPDhRAI7l2xVfc0V4Z2aFSD2nWoiI9zg1iaulps%2B9PRm0ezONykmdAa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cf9f2a9c1bfe-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme-child/style.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme-child/style.css?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme-child/style.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Thu, 10 Feb 2022 08:13:45 GMT
vary: Accept-Encoding
etag: W/"6204c939-4cae"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKN7Wp5PTdQDezDAUha5s%2FwF%2BSlcG6sRpTCcrbte6ITdZbHZP1%2BSMX9H8tHAOPRgXDVXR%2FFCpA8Y6ByWEaa%2FgnJOtLr9KY4lNy6vHehxpjavaPEN8DI97fFql5Iqty99"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fb41bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/yith-woocommerce-dynamic-pricing-and-discounts-premium/assets/js/ywdpd-frontend.min.js?ver=1.4.5 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/yith-woocommerce-dynamic-pricing-and-discounts-premium/assets/js/ywdpd-frontend.min.js?ver=1.4.5 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/yith-woocommerce-dynamic-pricing-and-discounts-premium/assets/js/ywdpd-frontend.min.js?ver=1.4.5 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:29:34 GMT
vary: Accept-Encoding
etag: W/"5f960a5e-19d"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1t6kI%2F%2BKQpBDR6IxWqhfJGIWIobqrSmRzE4bW3qTCgn8%2BRor9IaAxYKcwxZ4KGIQP8Llzd7KXb0%2F97%2B11wcj4g6VNgBvcsTjucWmUOLK0490mSHKueg1HTu9hLnxy7a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c7ff41bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:37 GMT
vary: Accept-Encoding
etag: W/"63d39db9-fa0"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3rtCf8MC8KShA%2Fu5KeAtcOpmeNWhY4zRxabmY%2B69gSFLZQJwskS5gNPKgYww5bN8nWirkZ9xjKRGaFikt5qy%2Fa1KPs6%2FwGJkZPAnToR4qkVmhNmBr73HFzbnqxDscFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c98201bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=2.6.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=2.6.8 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=2.6.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:27:32 GMT
vary: Accept-Encoding
etag: W/"5f9609e4-1ae1"
expires: Mon, 06 Feb 2023 12:24:43 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13287
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYMsg4DsI0WuvfwpC7KIlDLL913Wq6NAR2Z9omuMf6ybQyPTpX2HsB2Trepidd8CZ4JObHJlK6a%2Fhl9dTVdEY1sXy1hzTQWOxXKiG0USKfIb8Bjig1bcZ052Av6UlZuC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9e9a1d1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.6.5 | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.6.5 IP 142.250.74.74:0
GET /css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.6.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 12:15:23 GMT
date: Mon, 06 Feb 2023 12:15:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/js/parallax/smoothscroll.js?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/js/parallax/smoothscroll.js?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme/js/parallax/smoothscroll.js?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:30:03 GMT
vary: Accept-Encoding
etag: W/"5f960a7b-1afe"
expires: Mon, 06 Feb 2023 18:07:51 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxFC5Nogs%2FsHirlUsbCzayeh81BcRaGm8tIw9T2yTMiH%2BmNHQS6mXnzUHSrFWjlGnt5GArn1K9fEG3%2BuWwmVWw5xvUjfc5t5krNjLI40OtC%2F8QqxDgIW9svufBdwYiqv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd8611bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/css/advanced-floating-content-public.css?ver=1.0.0 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/css/advanced-floating-content-public.css?ver=1.0.0 IP 104.26.1.51:0
GET /wp-content/plugins/advanced-floating-content/public/css/advanced-floating-content-public.css?ver=1.0.0 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:23:51 GMT
etag: W/"5f960907-89"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL3Q1CLggISwdCpSX2%2FTKjvaKNFxv1LbE53f4kG%2Bs4hGYDT9OJTd4YUxpTPXrslDdRvw3zRbNNgcv0qWBDespyL%2Bgoxh2gkgoaIvarVi%2BNBpRIjPXDYyILwwAKjZLf8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7953cf9c1f811bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/font-awesome.min.css?ver=3.3.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/accesspress-social-login-lite/css/font-awesome/font-awesome.min.css?ver=3.3.8 IP 104.26.1.51:0
GET /wp-content/plugins/accesspress-social-login-lite/css/font-awesome/font-awesome.min.css?ver=3.3.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:23:30 GMT
vary: Accept-Encoding
etag: W/"5f9608f2-7918"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8NXmJdOo4bDSCs94D6JLTzAOlVyJRzaNa%2BmWxsHPb3EektUrTwP02G%2F6fXisj71zhaZ%2BhMFDVCOesclUMX08QO8YMrA5EytzbAxxXHfg9i0BaIHBBisOOTeKhgU8oVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c1f7a1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/css/responsive.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/css/responsive.css?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme/css/responsive.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:19:09 GMT
vary: Accept-Encoding
etag: W/"5f9607ed-d60c"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YNhySi97uIhJnzWs%2B2UFMnBGnxPgX2qHziz59TXNJBN2F%2BYZJ4Ne%2B4ZkKgewiC2JQp%2B009soyAmTuUYFHLPcx0jX6XB2NEaWXgeJrg7CA9AC3TobvtzYAc9OceO1hCfQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fb11bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-includes/js/jquery/jquery.js?ver=1.12.4 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:35 GMT
vary: Accept-Encoding
etag: W/"63d39db7-17ba0"
expires: Mon, 06 Feb 2023 12:24:35 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gANT%2BuRlxW3wqUI9Isor745z7Z%2ByRe2qzwbVHnqXDtLdI9bckt2nIvdkjS5aa941QFNbZnVzq3WAPjL3ELcEIRXuwyyAulprjnNOORLdtYgHeFhEcxuPRgCVKDQio1e%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fb51bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=2.6.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=2.6.8 IP 104.26.1.51:0
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=2.6.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:37:52 GMT
vary: Accept-Encoding
etag: W/"5f960c50-961"
expires: Mon, 06 Feb 2023 18:07:50 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpxgHY35kdVaXlNEU15pTvn7%2FizrEkht1tsdQNwWSAI004PAhy%2FFgzSgVzLaiZrFm%2F9K9ZUwdeggmyEeeue2mnkF5SzoSqvBY%2BsjNUqS9%2BdMChh%2FDV87F9kz6w7OtbXO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c6fe51bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303 | 104.26.1.51 | 404 Not Found | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303 IP 104.26.1.51:0
Analyzer | Verdict | Alert | openphish | Huntington Bank | |
NIDS | Severity | Alert | suricata | medium | ET PHISHING Possible Compromised Wordpress - Generic Phishing Landing 2018-01-22 |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ntutdc1995.com/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
set-cookie: ad11a069aef94a238e3ef47b2065dc64xxx=ntutdc1995.com
PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnSbpEec5SVPM1WDexNLyyvAoGrKvY7o%2FjU9i1nI1tQN0LxBvSJh6R%2BA234yQ7K%2F9fp%2BOJg%2BJ8w%2BWxYdG29n9KpccbchwWnBJtZRVtfxamH9%2FWFB14HNTTESP1OttWAU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf86da541bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/themes/betheme/css/woocommerce.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/css/woocommerce.css?ver=17.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/css/woocommerce.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:19:09 GMT
vary: Accept-Encoding
etag: W/"5f9607ed-9bd7"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3t%2BTuXIiP7qTwuN03psZOstInqRvxaFuA%2B23U1DNSymUPC%2FL5ZyPSgQC8t81EjnEbTZ4CTn4ZA5vJM9393GScEsWAsN0%2BT7bNLMsUqZ1PZ%2B6BgJKQZBV7Onzx0pLvD5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fb31bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=2.6.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=2.6.8 IP 104.26.1.51:0
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=2.6.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:37:54 GMT
vary: Accept-Encoding
etag: W/"5f960c52-115"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URmMoBYq9UuWOD0iMP4CD%2F%2FzKss4qnTxJiuyIWT0rEIUEBLkxNF0gZrZXwCIYMxiTcHFzIlD5798BnW84icpsdCa%2BPXgE3CsaLw6mY6SkCnkDCHrT1MdfxqjpqT4pDhZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c6fe21bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&wc-ajax=get_refreshed_fragments | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&wc-ajax=get_refreshed_fragments IP 104.26.1.51:0
POST /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&wc-ajax=get_refreshed_fragments HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: ad11a069aef94a238e3ef47b2065dc64xxx=ntutdc1995.com; PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:25 GMT
content-type: application/json; charset=UTF-8
pragma: no-cache
access-control-allow-origin: https://ntutdc1995.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJcOkkuAgLGAs0ByWC%2BTf2CCUt3rFf47fN0r4T84KAq8TK4iyGarSWVuK9%2BFJ3jwRxjyKZuPP5uVISWVp9KzktQUPd%2B48K%2Bf%2Bje8kQUGgy%2F9WWLhDyyKoeOiz0rSegN1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9fab141bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.3 IP 104.26.1.51:0
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.7.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:36:08 GMT
vary: Accept-Encoding
etag: W/"5f960be8-9bd7"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFZjmEEkITejqfGZWdfmgrTRJQynGfGFJeYdrnny4hafJe7dJ32Mw8rQY3wKv5tGy3EfVAdKGx4pp9CBfchfsHHaTLGr%2FsW8saPRcqeL43fwxFTkntYk%2FyRMhhFIORaJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c2f8d1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/themes/betheme/css/shortcodes.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/css/shortcodes.css?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme/css/shortcodes.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:19:09 GMT
vary: Accept-Encoding
etag: W/"5f9607ed-21e0a"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrTvTgQ%2ByRTtVoXk3CgmSj4cFRzUvc%2B3rQozxeyhV3xyjM3ETJrIsdat4YXmXlAmRN4qDAuv51avKL%2BxbebdQAhdwmktMR4UmDdPZ6J5w2C4%2FsWkhw8b2pd%2B6NGevdM0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c3f9d1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/themes/betheme/assets/prettyPhoto/prettyPhoto.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/assets/prettyPhoto/prettyPhoto.css?ver=17.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/assets/prettyPhoto/prettyPhoto.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:29:54 GMT
vary: Accept-Encoding
etag: W/"5f960a72-47d4"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XZ1zPq%2F8rCreCJEn0gX1lW9VWzxLz3e6AF4plEg67uVXTEPT1Ig5eUy1gzF5J4oW2dj%2F%2Bq9WGedq25IEeG4GT1ofRntXOpkU%2FgTHuzR512C57xAjgQkw84hicI253bY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4faf1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:35 GMT
vary: Accept-Encoding
etag: W/"63d39db7-2748"
expires: Mon, 06 Feb 2023 12:24:35 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe15kojSTpZSu5PywTW%2BP0XNyihTfNjld%2F7KDR8rXojgbi%2FkMPzrg%2FlwHm2fnAxrk08%2BNsef5tLiP53HUdZXHGyKzxjShBbVUNe20w2TlLGSoWDj6DqoRjDcsnBkIGbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fb81bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:40 GMT
vary: Accept-Encoding
etag: W/"63d39dbc-c4c"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWPApElAdjnxGbmGv62PIPLUybnkS5O2YMLC24jBrOrJ8xcwrVsY3roq7aj8VJNiS7NQECTWUwRtHrv5oZbppXUTVy49Zs6rQhF4O0aY1PUwS%2BRZ06qJYx9sKTiWEle2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c98221bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:30:04 GMT
vary: Accept-Encoding
etag: W/"5f960a7c-1a30"
expires: Mon, 06 Feb 2023 18:07:51 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhZzRQouZ25%2FeRMDXSMB1LT5pnbxOxb0zLxbArHnlaZzLZ8G01gZDLZXxi%2Fy3KBpmnS2EnFE9iwZ8UybBC2bUhiPYqmqrWXsbW4D8TOU8wwCPwjE2pJ8SXrYXBCPP%2B4F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd85f1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-includes/js/wp-embed.min.js?ver=4.6.5 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-includes/js/wp-embed.min.js?ver=4.6.5 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-includes/js/wp-embed.min.js?ver=4.6.5 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:48:06 GMT
vary: Accept-Encoding
etag: W/"63d39dd6-57b"
expires: Mon, 06 Feb 2023 12:24:38 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13289
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSj4XDzDI5ytnhozwgdfssqS3ZWZZDCJChu9uwVJ6Dp1G3WgEqQ8FzJebr8%2F%2F0JUsVgRapFfmKL%2BvzpZpPS8CRob84SY6zQfo3nwnWJT%2BkQ6s6ZnfqBsA2e38xFnJLlo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd8641bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:29:54 GMT
vary: Accept-Encoding
etag: W/"5f960a72-cdde"
expires: Mon, 06 Feb 2023 12:24:38 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOpFpwasNkTPMEKqbcMVTOPJ1cBcrRa6kotEKGfY9jwyD3LXYycn7Jl8XcueT7hIoyuRTH9%2BkkQoXvUu8QIuhMI6ZqyUoXJzOD3XZmaEOY3idguG%2BNk8LtcD8uRND%2BWL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd85d1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.3.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.3.8 IP 104.26.1.51:0
GET /wp-content/plugins/accesspress-social-login-lite/css/frontend.css?ver=3.3.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:15:27 GMT
vary: Accept-Encoding
etag: W/"5f96070f-300b"
expires: Mon, 06 Feb 2023 18:49:11 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLg8M4XTgnKs40RxZToNO1IDE8HHC7oePcAxwvQvOjgxTPE5yDwNVMfCGgpWGBHO79x9lqszJtb6o2JyXeDVLEqztkjnfFnoneQ0OGjoL0SO%2Bw0R8mKXJx7kJMzyTVpr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c1f7e1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/themes/betheme/js/scripts.js?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/js/scripts.js?ver=17.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/js/scripts.js?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:19:18 GMT
vary: Accept-Encoding
etag: W/"5f9607f6-109f3"
expires: Mon, 06 Feb 2023 12:24:38 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdPgNXKHcvOFrJ29spyj5s5MMrvtAcUESp0wN9sDxbYYhp5bdyROC0GF9a4NmLBS%2F6NOfKirogRY89Hgs7jCKjS8KygkinFPJRHHQIgxydMuk5HZeodSFS%2BI%2BC%2Fm7Fc0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9cd8631bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 0 B |
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207:0
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd262a00677124f212cbd06d4a6d71c1
cdn-cache: HIT
cf-cache-status: HIT
age: 13291
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7953cf9d58600b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
| ntutdc1995.com/wp-content/themes/betheme/css/base.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/css/base.css?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme/css/base.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:19:09 GMT
vary: Accept-Encoding
etag: W/"5f9607ed-cb49"
expires: Mon, 06 Feb 2023 18:49:11 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZqADzgMhj8eppwkUgzomjgAxc0d6lbaPpRZm4TlZYHEFIpNgqbO%2ByIj8iamJbz8pfP0PJNZulaYc4mmubG9emUehZ6TPDyile%2B9fbG815UYTjBVsDTdxOgNJRn7ucnY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c2f9b1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/woocommerce-product-bundles/assets/css/wc-pb-frontend.css?ver=5.1.4 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce-product-bundles/assets/css/wc-pb-frontend.css?ver=5.1.4 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/woocommerce-product-bundles/assets/css/wc-pb-frontend.css?ver=5.1.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:28:38 GMT
vary: Accept-Encoding
etag: W/"5f960a26-32a"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXdl4QIzRX%2Blxq3tFn%2FNoBy%2BMXh1k%2FMfJKYHx6Km5kBbC%2FsdwyUm9%2FiZuzypu7svza7qm0bnvvjJ1QmgYQfd0pFMcY53SJfDnfZ41xzGhokvlCtaH5MQGB%2FpPjJybVG1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fb21bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:29:54 GMT
vary: Accept-Encoding
etag: W/"5f960a72-4c90"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2oVaJAXLHlb4NoPsbMhYEJe3V1EH68ajjqfGD%2BortvEfaZyXYJhwoxQVuvAjNz5emMPK6kfJcAe2%2BM52IUpoabo6%2BF3IWBSCGcDvhRFt2HjRafA8XsVKxtAogHmNFUx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fae1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.7.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:36:08 GMT
vary: Accept-Encoding
etag: W/"5f960be8-fdcb"
expires: Mon, 06 Feb 2023 12:24:35 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jM805bHH2vZIBXzyjmN0GYqy6%2BWVaeHb4xqlwP6%2F0xGTV%2BJdRmOKAE%2BR9WQV%2F4epaLxcdAzB8FPjGkfJvp8EvzbZ%2FSVAWup3Dd9lxeznC%2FCs%2FWtdQiT%2F1kbW9zdzGo%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fc51bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.6.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.6.8 IP 104.26.1.51:0
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.6.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:37:51 GMT
vary: Accept-Encoding
etag: W/"5f960c4f-6e7"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2F2q1wvre3%2FOxkvI5tTIH8VEuacv7%2B5eht3CpBMOxUlFi%2BVNBDO6liHms5HntIUlNBmxmQg0NF7PmD8gDxeunGy9dVYAc2QQnCI%2B%2BGYrmQii5YHoP%2BCmxapodhvbgy%2FC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c5fd31bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/css/animate.css?ver=1.0.0 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/css/animate.css?ver=1.0.0 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/public/css/animate.css?ver=1.0.0 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:23:51 GMT
vary: Accept-Encoding
etag: W/"5f960907-5d28"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdTx1L8xO7MQb8Q7I4J4H7XalvQR01AdHsMk5h1Zsw%2BF3Eh6j6z7We9%2B7jiHmIFKsXwpJNWztsLVz4kCtH6kn8ZduhcWYEIWFw1su%2FeBznywycJPBTU2Q%2BmouE3KbK3F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c1f831bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/css/layout.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/css/layout.css?ver=17.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/css/layout.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:19:09 GMT
vary: Accept-Encoding
etag: W/"5f9607ed-1bdb4"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AB1RYkXCjFa3Zr%2B6GvwjBuyZwU8EcJko5nc8BQ4BcEzH5ObjqHLq16z655nSXi1fC1tkQZICFl3KxGCxPp8CRtBr3e9EQrBd5B8eiJa2sMvl1dS5eWPJNakIRscLphMY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c3f9c1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:29:53 GMT
vary: Accept-Encoding
etag: W/"5f960a71-e48c"
expires: Mon, 06 Feb 2023 18:49:11 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRk6YJmgEFOHk5pp0nGjDXHZ3oQIqvUEK5XwXPMZ0xWvbCqXSDAhpF3gDWXTk8vhjdzazmG4ru9vX%2FyVXBhUEiQh2dskTEiZv7f1FQpQo5h4iUlODT0VHIB6FLeIfTQ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fac1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/js/jquery.cookie.min.js?ver=1.0.0 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/js/jquery.cookie.min.js?ver=1.0.0 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/public/js/jquery.cookie.min.js?ver=1.0.0 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:23:52 GMT
vary: Accept-Encoding
etag: W/"5f960908-514"
expires: Mon, 06 Feb 2023 17:53:47 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkKCj7RQ2PQVxkxQcDmZswrci16j2BlV7gt9K26exkeGRi1xxoGyx68sA0QEiyQfVm%2B6Ra5GFqSLj3hDGEI4YfZ99VusAwlw44Yw4dnv45SoU8kLnOQ3N2bTV7wz6vvr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fbd1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 0 B |
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP 104.18.11.207:0
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ntutdc1995.com
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: a5d60159aa3edbd852d31c74c854d149
cdn-cache: HIT
cf-cache-status: HIT
age: 13291
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7953cf9d48590b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=2.6.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=2.6.8 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=2.6.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:27:32 GMT
vary: Accept-Encoding
etag: W/"5f9609e4-394c"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDZzleNGVeR9ba5%2Fb0meuqR6FH9eS4U27q5tYHdcgQ%2FlC8j05qBruLY66Q1Dvs%2FsKl6%2FsTSJTwWEgOX4%2BRAoVrtAMvN%2Fw%2BjgqgUm%2FSrfNo1EaIpWYLIGPDfnTOxTolli"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c2f8f1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.3 IP 104.26.1.51:0
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:40:01 GMT
vary: Accept-Encoding
etag: W/"5f960cd1-27a1"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsNVtiDZgqUtEepGbFJmOOlQAp6JDBu2HuW4wx9Gh5UWLCFaLjTU6Sm4S35%2BpwKHexKROm6j5rE0FI2zh6CgDkUmOrvBZSzDO5t%2F5KkyqCmIOlJGMpJ73tX2nE3uaOYm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fb01bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:41 GMT
vary: Accept-Encoding
etag: W/"63d39dbd-6143"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvpO1dHvAj0rhnnx0BktY2v%2B3h5QMQZfOAIYQ0QfQb5FfzRUXivHTfv9GSZMherX1xgbL682Jo6hi0s4VQwelFhMny6Alx1SEAKCrWTRBSZkmAk7SiECX5YztRV%2BaUFl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c98231bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 IP 104.26.1.51:0
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:37:54 GMT
vary: Accept-Encoding
etag: W/"5f960c52-255b"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpkMqS2vMcn5Q8JLA%2FiiVEaTqosOv9EPfGjJFzmfYZ2j4bEdUN7P%2BL2iCreSP%2B8vevvJy8u9%2BIU%2BdpnBlJL%2FdsjH0rYKL3sSgC%2B8KhTs15aPaFbn%2FzNI%2Fp8ifhWtrbx8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c6fe01bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=2.6.8 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=2.6.8 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=2.6.8 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:27:32 GMT
vary: Accept-Encoding
etag: W/"5f9609e4-d271"
expires: Mon, 06 Feb 2023 12:24:40 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92G7tUXo42xf212sG5uhO8aKIiDnpGanNtmey2FkmBjz%2BlFrsMeKmUS0zB2ZHe%2FaIxoNwTd6FJfAP8fYDmrN8rmwaGLyaK8Fj6VDweGVZ6%2FKe76qmB%2FGiz3W4S%2F5ovXr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c2f991bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/js/advanced-floating-content-public.js?ver=1.0.0 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/advanced-floating-content/public/js/advanced-floating-content-public.js?ver=1.0.0 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/public/js/advanced-floating-content-public.js?ver=1.0.0 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:23:52 GMT
vary: Accept-Encoding
etag: W/"5f960908-32f"
expires: Mon, 06 Feb 2023 12:24:35 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=967kmcX2j%2FvbfwGfRmKKyYXbXE9mhADe2c5MwqfxPGnleKPAiCL8pcjpki4JEf8XlEb3RutU4yWa5wPusxdEHIlnrEBCJLodWuczMDrzh3157wZv8RWjn4ZzZfipuzyW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fbc1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.3 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.3 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.7.3 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:36:09 GMT
vary: Accept-Encoding
etag: W/"5f960be9-1afe4"
expires: Mon, 06 Feb 2023 12:24:35 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcUZKNthtqJrglzOJL%2BakZB0uowkC47mOqG1A8gE6o7C9cKLntLNQt%2BwTgC2tYJ27ZDZc5VWUASlF4Je6HjDtYe2I7QlHhvoFUh7dl8FxENBQL1kqC2bJDxzhSaNoNBA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fc31bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/themes/betheme/js/ace/ace.js?ver=4.6.5 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/themes/betheme/js/ace/ace.js?ver=4.6.5 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/themes/betheme/js/ace/ace.js?ver=4.6.5 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:30:02 GMT
vary: Accept-Encoding
etag: W/"5f960a7a-a9e6b"
expires: Mon, 06 Feb 2023 12:24:35 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FihAQUCs2yJ64SJNN6vHE4Fmthg0y3%2FS5T5xnR9jiz5Biiby9arA3Ng9R7R1iGqz0hm%2FT%2FbQVHTi50zDdU0Nl%2FIJB9MsKor2rOWFA5IQWGUPV8DFAxHuIb01gqXXwQSy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c4fc71bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1 | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2 ntutdc1995.com/wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1 IP 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/woocommerce/assets/js/jquery-cookie/jquery.cookie.min.js?ver=1.4.1 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 25 Oct 2020 23:37:55 GMT
vary: Accept-Encoding
etag: W/"5f960c53-584"
expires: Mon, 06 Feb 2023 18:07:50 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxiIivSJgTNqRQG5m7dYbvf28sr1M71WF7AjIzcFmhQ9nzeUNESR7lAQgWgWbrjfoswQVCfPE6qyqyATofr5QDcCU7EsbANG2aQ4YEIqYD4miA3VWKQJZ4px0OSLWPlT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c6fe41bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 | 104.26.1.51 | 200 OK | 0 B |
URL (HTTP/2): ntutdc1995.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 | IP: 104.26.1.51:0
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 27 Jan 2023 09:47:42 GMT
vary: Accept-Encoding
etag: W/"63d39dbe-1afc"
expires: Mon, 06 Feb 2023 12:24:37 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtEixuzRZyXNlK0tSkc8k5Eoa4kEE7A9lyAcV2rItsX9Uk9v7lwcCRqzunsieEQqUq4XmFJPoA51eFJAe3f82yINZSh4LE1gzt1NsqZPvaFL1JJ%2By6CtIVb2P%2FEiIVWV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c98211bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Monda%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.6.5 | 142.250.74.74 | 200 OK | 0 B |
URL (HTTP/2): fonts.googleapis.com/css?family=Monda%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.6.5 | IP: 142.250.74.74:0
GET /css?family=Monda%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=4.6.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 12:15:23 GMT
date: Mon, 06 Feb 2023 12:15:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/yith-woocommerce-dynamic-pricing-and-discounts-premium/assets/css/frontend.css?ver=4.6.5 | 104.26.1.51 | 200 OK | 0 B |
URL (HTTP/2): ntutdc1995.com/wp-content/plugins/yith-woocommerce-dynamic-pricing-and-discounts-premium/assets/css/frontend.css?ver=4.6.5 | IP: 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/yith-woocommerce-dynamic-pricing-and-discounts-premium/assets/css/frontend.css?ver=4.6.5 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/mail/spectrum/login.html?cmd=login_submit&id=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303&session=156597f604297699c8b7b1d4b39b3303156597f604297699c8b7b1d4b39b3303
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:23 GMT
content-type: text/css
last-modified: Sun, 25 Oct 2020 23:29:32 GMT
vary: Accept-Encoding
etag: W/"5f960a5c-3c7"
expires: Mon, 06 Feb 2023 18:46:33 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 13291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccyLQVJtTql1vm8hY9Lf%2BGiLYxFaeQCgpLleHmRGzl0gy64zf8QRSXKUYTmsaKFyOuxSvV2inzu91X%2F35HnCEw11XUr6fAMF602Op8JbOGkJgRaUh7kGGeUDgsrQmOTY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9c2f9a1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/.well-known/791c459f5bd9c0b0658313fcafb6f163.txt | 104.26.1.51 | 200 OK | 0 B |
URL (HTTP/2): ntutdc1995.com/.well-known/791c459f5bd9c0b0658313fcafb6f163.txt | IP: 104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /.well-known/791c459f5bd9c0b0658313fcafb6f163.txt HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=5qmdinnvu7kj7is9dje3qjrbtc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 12:15:24 GMT
content-type: text/plain; charset=utf-8
last-modified: Mon, 06 Feb 2023 12:15:22 GMT
vary: Accept-Encoding
etag: W/"63e0ef5a-15110"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHlgwFQ6w3%2BJELNZkdMdSZ9qXbpiZoTj2vLdrxt9TQ8Y8nY7tbevCL0KsEpepqVMMrkCvzrcZhlnTksKGcthlmeiyK0KVmX%2FGnw96vb17fqC6rDGl3eRaaLJ%2BYRlQXSG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7953cf9df99f1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|