sharethuthuat.com/
172.67.183.204301 Moved Permanently 0 B IP 172.67.183.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 19:27:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 20:27:44 GMT
Location: https://sharethuthuat.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtG%2Be49aLt1w73uvldBNlfzzH2XwNfE8PFKf1iooKvPL51EF4KDsHEfmt1JZKog3ZGEB9fATfxzh8B2KXP4zDX4%2F8s5V18JzFDDTjgS8JTXzKAfwnJEY9NyTfyjqti2qET6zwA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ed708c7e2eb4fd-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 19:04:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8tWb9kPiSauCa64qYNAnkjDdQ6U-jndpueEcm_QKAeYXk-3lxWPOqw==
Age: 1418
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7231
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 19:27:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BtnrrevBmOJG0G3LIwRJCtaYDoIqzn_J7rXAMhbyo5IwXokw_MaWkA==
age: 53550
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 19:27:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 22 Sep 2022 19:03:22 GMT
Expires: Thu, 22 Sep 2022 19:15:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7Kxk97b8rup5jfeRjtEKmUwFA0JoC4_EpxFobHyBY-BnHUUek7pGdg==
Age: 1462
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 61
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:44 GMT
Last-Modified: Thu, 22 Sep 2022 19:26:43 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9w+8E6r/2UaJncq3+Tt2rg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 56eDQi0n4eDhbrlPHkLTKF7/kZE=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 19:27:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 19:27:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 19:27:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9956
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 19:27:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 78817
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 77967
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: bfdfb11f-7ec5-460b-8759-41033451e2a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1ueDEUOIAMFq5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bc459-6f8ebea8143c58f652dc61e8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 02:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ln0EYmIyTWExYNLVEv-ZYhdCAYVju_Wu2S-_p5GfD_Kev99yrKwRcg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 05:53:43 GMT
age: 48843
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sharethuthuat.com/cdn-cgi/apps/head/xy0aMratict5BeqH9ywWAEIAnQ8.js
104.21.48.102200 OK 16 kB URL HTTP/2 sharethuthuat.com/cdn-cgi/apps/head/xy0aMratict5BeqH9ywWAEIAnQ8.js
IP 104.21.48.102:0
File type ASCII text, with very long lines (318)
Hash dfb7547733f19c6fdc117efbe54a1b68
4f713971d7c849cb9dc34454ba4a6d9b703f8ca3
35973de8bd8e13d0f9f25bf4dc26296167a7ade40ae67b7f97a93bb6b086f2fe
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/apps/head/xy0aMratict5BeqH9ywWAEIAnQ8.js HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: zSAEMWJV1M1pFFn4W8Q/NFBmfuwx3JisawwyRK8faOcxFyq4eJEhRJck0GYa5Oss9+Rs+1C6wW0=
x-amz-request-id: 4HEMPPZYH7ZBZF8B
cache-control: public, max-age=31536000
last-modified: Mon, 16 Apr 2018 04:50:40 GMT
x-amz-version-id: SrTDeBdYv1aKF.dh6avXr7sMxOPT2.Ep
etag: W/"bceee08f7a7f17a4f294ba74bcbc1a5f"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCv13BaqzbTRROcIYVEQ2V8yPXX24FbLhOUu3XnjHrBfedbOH9TAeOcji9IE8vID34U8Cc%2FEiN3JoWAplCtkpGMtA6zv%2B9Jm%2BCxiRXtwsIcYUevH5KdEDh8ApRL1cy2h0FclMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed70986aa20b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 78817
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 77959
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
104.21.48.102200 OK 14 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 13564, version 330.32636\012- data
Hash e7d4bfa72a1f7d352fa6605501a3e2f2
afd94b571eff9da7d85490bdb4c9874419cd260d
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: font/woff2
content-length: 13564
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 17 Apr 2022 13:49:35 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJZmF7vWwhq9YhzRB37eioiIHJyr4AL765YtQlzLN2capSuGY0VG4ViiKLVkQqB0kxbnNf2lPw5xLG%2Fdi2VPb1iW2S2oBjc3QTSf1rCyoZcBvMu6uNS0ZbPBfrhBaT4P79fvtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988acf0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/fonts/jegicon/fonts/jegicon.woff
104.21.48.102200 OK 7.1 kB URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/fonts/jegicon/fonts/jegicon.woff
IP 104.21.48.102:0
File type Web Open Font Format, CFF, length 7144, version 1.0\012- data
Hash 80f6e7a7a6eb44255aeb06a2d5b5ea41
4ded570e00c9c96cc3cf18e770903cb60e360ce4
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/fonts/jegicon/fonts/jegicon.woff HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: font/woff
content-length: 7144
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98HCO6N3rP9OmQj2ljXWodDIrPaI8JACP8KRYKBJLKjo936Bn%2FXbWzAGqs9C4g%2BekUhCRTfCpE474fnTQz2b0Hb9G7cfB3Fppy5nzg8zvKhX%2B00feuiOX5GQE0efw9B0O7UljA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987acb0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/images/load.gif
104.21.48.102200 OK 1.6 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/images/load.gif
IP 104.21.48.102:0
File type GIF image data, version 89a, 64 x 18\012- data
Hash 34cb034a7f510acb99f420410f9ffde1
1b848a1224b2cb537ef7946dadda5f99db08d113
31317c9b4ec762fff9558efa9492d8e21bfa9d3b19398a758f03b3f7b6fe0107
GET /wp-content/plugins/wp-domain-checker/images/load.gif HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/gif
content-length: 1590
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 01 Jan 2022 03:48:04 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vDHvkBFO0cwcH%2BY3B9V%2FHFZOPypBRd3Y5tHlUpaB8cjfDotJwXCgbCGGQcm4ZBb2EsZgdZWKSCKZtD5%2FWl5SmXX82tu1te1fxRpezxoiDWZI7gxflnBpy6Mg6e64G3w2KuVww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70990bad0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/05/stt-logo.png
104.21.48.102200 OK 11 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/stt-logo.png
IP 104.21.48.102:0
File type PNG image data, 225 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 506609cf71a10f84ec6fafc0b10cb2e6
67137634365816c9b58081ecf5844cd168caa012
b4fa8d9e44583fe444ad3eb33b0d39c53ca390dfcb0c1631f761f3e5609f4210
GET /wp-content/uploads/2020/05/stt-logo.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/png
content-length: 11238
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 20 May 2020 15:12:42 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWaOYU0ZcrxzeclWMM7eAK1PHOwvvVDek4JVyXCW4pA3yaxiyxt83MZA8DrSxhckSqDUwsiKBpuHWJy%2BZg0cOjv6kzyG%2BUrsjKnST1OUIo49N4ZqyW9RTOS5o1E2Ytu0rT84Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70990b9a0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
104.21.48.102200 OK 75 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 75368, version 330.32636\012- data
Hash 859c4002d9954718cac1ddea5555698f
2392ce297c92bcf2c7d5a4c461a582dadc8039c8
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: font/woff2
content-length: 75368
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 17 Apr 2022 13:49:35 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC71y2kM1FVSR3qxRCWEYWZtlK1IDwFR4wS0fm%2Fo5c1Ed1sW617ZCAhBdLX6dbpL99caskp6qJRT7iJJyRvmFvA%2B6HsfC4rhzfS2UqYNU9ltCOkhRrgFwCzGIGNwUk%2Fogxu5nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ace0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2022/09/loi-noi-dung-co-gia-tri-thap-trong-google-adsense-750x375.jpg
104.21.48.102200 OK 33 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/09/loi-noi-dung-co-gia-tri-thap-trong-google-adsense-750x375.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 750x375, components 3\012- data
Hash 8cc9d92634d6a30c967f55ef510afc03
b28a64b3b502196f72d7e5068a912e4e3a73bf4e
855ce5ecf89fab655568a26455ecef859a2ba1fbd0758df87b315d8779455f86
GET /wp-content/uploads/2022/09/loi-noi-dung-co-gia-tri-thap-trong-google-adsense-750x375.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/jpeg
content-length: 32845
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Thu, 22 Sep 2022 02:10:50 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2E%2FULbXN8q5jv9awDHR%2FSKR2iQgDv5CJiXhZd%2BuCYLGja3SbSalyw6%2FTjEqk3Zb4Q8S3ExYVhBWUFr5kSwmjUmUEB317qzCrgENdEDj5%2FTtg0VlBcWKJD69E%2B3WsWZDmgDb6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70990baa0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
104.21.48.102200 OK 76 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 75760, version 330.32636\012- data
Hash 832f6e62aaf3909d6b94c8a9c1e4dd51
4a06418cb56a66af5a1c0f59791469dea1dc87fa
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: font/woff2
content-length: 75760
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 17 Apr 2022 13:49:35 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqpU0IOfX%2FxoZ1ggz4MnmRxPfIQsM8HdqWXq5yE9PtA3ex6C6Gt2SBQMKQnXfAmilxmCBEazoDZr%2BH1bLVPRLrl1GRHWzBqEG%2FRLtr7cV69yUjZrzfktcLKGZojopanoaGBDKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ad00b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.transit.min.js?ver=1.0.0
104.21.48.102200 OK 3.3 kB URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.transit.min.js?ver=1.0.0
IP 104.21.48.102:0
File type ASCII text, with very long lines (7830), with no line terminators
Hash db8d540c9c0609ba631d8fe371822e7c
fdf9ea27b685fa3268dbbf18343e616b61c96619
7222e787fea4e4ad0bbb7680d4692cfa9d915bb3ea2694d441d93e25258f010b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.transit.min.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vefgG288OJ%2BMOa5GoGHEDsX406grPwvkfqzY9VIC5saO8HJ%2BroZA2CGJTGkQaARkTJOs3w%2FcYziNfsuUS%2BLuD7TAcDrU6wNrx84k%2BqM5fWuYfgs9e83OxkjeuwKgaayXd8PnqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c6f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
104.21.48.102200 OK 77 kB URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: font/woff2
content-length: 77160
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKw9k6xXWUo09Y03oagu2a1SIz0OP8yzcV%2FjLGxvXkgDGTe%2BvQgMQ1pm6IT8sZgjyj%2FOhbL4VTlRsgmABBPDNb%2BiPazsWp9TArWsvj0VAMgxChybq8lnuIgJvlQJ3mEYEczF2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ac90b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Hash 87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:35:48 GMT
expires: Thu, 21 Sep 2023 19:35:48 GMT
cache-control: public, max-age=31536000
age: 85919
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Hash deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:50:35 GMT
expires: Thu, 21 Sep 2023 19:50:35 GMT
cache-control: public, max-age=31536000
age: 85032
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
104.21.48.102200 OK 17 kB URL HTTP/2 sharethuthuat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP 104.21.48.102:0
File type ASCII text, with very long lines (15660)
Hash 9ac75d266fec53eb389a8475d8b35fce
e9b40f3187914f7071758dc6de3fafeda006198e
2142eb0e6f82e2f773d1ee97709b324239f4e75a4a6ba8a5f8a8a51aa7e6a4a5
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 25 May 2022 07:58:44 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK2u1WipjhCL9Vx4eYj7rVPRo4raLMFo%2BziLS6C6%2BnCA%2BVMZHk1YIku0HnSvSsCl7fPCnhJC6K%2BqaEzScC9vZBL0ousv5P2koJfKVhUHJPR9R1YQYR79VNxJxIDxEtPZsccrvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed709b6f010b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jnewsslider.js?ver=1.0.0
104.21.48.102200 OK 1.8 kB URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jnewsslider.js?ver=1.0.0
IP 104.21.48.102:0
File type ASCII text, with very long lines (4162), with no line terminators
Hash 25eb5d26224f1571bb149872baf4e035
bc927b39e2ebcf1191a863d3e44503b7a83a2bbd
ff04275b5a343250a6b543db0693b3a0f1fd241ec171446f2bcbcd50cd42ca16
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jnewsslider.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBIEYKsK9HoiDlwz8PlkN6Y2Qp8sdi9%2B3ZeSUEgT6R%2F3Xqpnt%2BTNXD9cyVBAYmp1UdaLMDob0mfo7hdhvgYa0znBIb15q4k%2FZE1xXbGi%2FTUNbh9D80srOr6bvaIfNunq4ryoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c810b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
142.250.74.163200 OK 5.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Hash ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:36:26 GMT
expires: Thu, 21 Sep 2023 19:36:26 GMT
cache-control: public, max-age=31536000
age: 85881
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/iw.svg
104.21.48.102200 OK 6.1 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/iw.svg
IP 104.21.48.102:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (965), with no line terminators
Hash 413e7e23e2b2e22ef60f819d2e41954e
05eb34cf1f032412b69c7c16c802b7119c694a2e
2940dceacf3e647032cf80f4daa8cd93e42d28ddcb04433a1b7206aabfaf3ab0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/iw.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XScPyUAS1wyBMfRA1elOslXuiLvA0MIAJUFnc9WqGvH7dbuLt2%2BNIMsB%2B6qHdaTx%2BmUS6biPCBwrse7qQjjsUIros7QOmZP4glRZQrD9GPLaV0opn8R5rO0MWC01xV4slQMDoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70992be80b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/vi.svg
104.21.48.102200 OK 5.9 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/vi.svg
IP 104.21.48.102:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (490), with no line terminators
Hash 9a83ae5829756589d7f5b10801424935
8665a556ff017ff8256360564caf68f96b21aed9
8898850a556938bdd12497d0ee062b672575037181427603ab08a5e04e6a82a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/vi.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqGbGeaq%2BnxjrZmP1NdJn18D%2Bz0BMyqJOu5X81spazLvaWL%2BUcPEvLfT8A8%2B8FiApQzvG3sUmecSM3s%2Bz8NWwNpgu3xrkMJzf5H7KPtmoNzI8c8ErtDNiF0ZX4Jo3IYZ%2B%2FBKGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70993bf20b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/webfonts/fa-regular-400.woff2
104.21.48.102200 OK 14 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/webfonts/fa-regular-400.woff2
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 13600, version 330.-16188\012- data
Hash 4165c2688309cbfb1b877caf8f75afb5
37b761c26708037d19664cebea70416852487087
093f782260d70f914e7e591eba1502d3e992e9f7a69a17d1df6c32bcddd6f06a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-domain-checker/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/css/all.min.css?ver=5.1.2
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: font/woff2
content-length: 13600
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:47 GMT
last-modified: Sat, 01 Jan 2022 03:48:04 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Em37KREoxYpF6W3nb%2FlPFOMwxUzrlbye2M6AQe0cFHCu48qoIIde2mJcvIPf5J%2FLEE%2FXxmn3Zuyq0vg6t0KnnCMbGS8QNei1fF3%2FRXeJA%2Bcq1aRY%2Fr%2FBpnZ%2BEfSw2W3rlcFzBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a318340b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/css/all.min.css?ver=5.1.2
104.21.48.102200 OK 28 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/css/all.min.css?ver=5.1.2
IP 104.21.48.102:0
File type ASCII text, with very long lines (57135)
Hash cd5b62f79d469e51c491d925a749ffe7
24fc03f5bcb31ab31c51b8e69a8a9e13fb5b0a93
50c102e6c46be26ef4860a20a84411d6167b6120ff37e36b8ef57ef7902ac89d
GET /wp-content/plugins/wp-domain-checker/assets/css/all.min.css?ver=5.1.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 01 Jan 2022 03:48:05 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MN6tdNLclL1txAJPzbcdGFNPe5XvX5NOT1FeCRbdVgt7KmKckhaMy1wG9IGJ%2FRHk%2BQ0EpkTGSPCBr3oOlX013ONsvvDJuxIKoWf9H9kOtkm3kJ4plnb2F5od%2Fc4QiOy2xrBUOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c270b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/ko.svg
104.21.48.102200 OK 43 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/ko.svg
IP 104.21.48.102:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2225), with no line terminators
Hash 74db40d2d371bdba2927d739ce2332b9
87a8c54f669f96a45048b35f195b4fe1a8788e50
105a9d1f703156450a5ef0f5589c0e590e7af31cb89f6c4404ca7332cd1b91ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/ko.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuVLNNAjVNnQ6WVpdAarW%2B%2FqplashiV9azFq79XW%2FLhkpDuFXPAVpEasEbWGzpyh9ucjggWfygRKg9oH3yPNL9d63wV0m27GCOnKFCsV25NIUeD3yYt9LGxR2ZZeSen5fAbQfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70992beb0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/webfonts/fa-solid-900.woff2
104.21.48.102200 OK 76 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/webfonts/fa-solid-900.woff2
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 76120, version 330.-16188\012- data
Hash 55eb2a60e8181f0e68b558c991973bf0
af776f52d579da211590e0691d554b88a69dfe61
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-domain-checker/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/css/all.min.css?ver=5.1.2
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:48 GMT
content-type: font/woff2
content-length: 76120
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:47 GMT
last-modified: Sat, 01 Jan 2022 03:48:05 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npZDai89kWdyiCvGD0xf8MS%2F9J0hGc2wWX6cFpM%2FnIY98OKqC5crBzi8tVs5AsFFc6fP6l0AWlxKRY%2F0o1LuCWEzDMs8oCxD4osmk9qVl3IzixTKMONkFERO4sR%2BDo9%2F0CS3mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a3485d0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.google.com/g/collect?v=2&tid=G-J83YEZC3HM>m=2oe8o0&_p=1648071124&_gaz=1&cid=1423798980.1663874867&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663874867&sct=1&seg=0&dl=https%3A%2F%2Fsharethuthuat.com%2F&dt=Trang%20Ch%E1%BB%A7%20-%20Share%20Th%E1%BB%A7%20Thu%E1%BA%ADt&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1
142.250.74.78204 No Content 0 B URL HTTP/2 analytics.google.com/g/collect?v=2&tid=G-J83YEZC3HM>m=2oe8o0&_p=1648071124&_gaz=1&cid=1423798980.1663874867&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663874867&sct=1&seg=0&dl=https%3A%2F%2Fsharethuthuat.com%2F&dt=Trang%20Ch%E1%BB%A7%20-%20Share%20Th%E1%BB%A7%20Thu%E1%BA%ADt&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-J83YEZC3HM>m=2oe8o0&_p=1648071124&_gaz=1&cid=1423798980.1663874867&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663874867&sct=1&seg=0&dl=https%3A%2F%2Fsharethuthuat.com%2F&dt=Trang%20Ch%E1%BB%A7%20-%20Share%20Th%E1%BB%A7%20Thu%E1%BA%ADt&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1 HTTP/1.1
Host: analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://sharethuthuat.com
date: Thu, 22 Sep 2022 19:27:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-J83YEZC3HM&cid=1423798980.1663874867>m=2oe8o0&aip=1
142.251.1.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-J83YEZC3HM&cid=1423798980.1663874867>m=2oe8o0&aip=1
IP 142.251.1.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-J83YEZC3HM&cid=1423798980.1663874867>m=2oe8o0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://sharethuthuat.com
date: Thu, 22 Sep 2022 19:27:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.w.org/images/core/emoji/14.0.0/svg/2705.svg
192.0.77.48200 OK 482 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2705.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (482), with no line terminators
Hash 212e30e47232be03033a87dc58edaa95
4d69c4a3dc57503e08b76c774135bfe83e8b1f51
1f026beb67630abcdbc341651b1c17591aa76261296a9fb118793765964eb4e9
GET /images/core/emoji/14.0.0/svg/2705.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 19:27:48 GMT
content-type: image/svg+xml
content-length: 482
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/webfonts/fa-brands-400.woff2
104.21.48.102200 OK 76 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/webfonts/fa-brands-400.woff2
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 76548, version 330.-16188\012- data
Hash 067595ad77ecc0db9c81c8905a7eef32
3a175545f961094f3614f208f2166187b642355f
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-domain-checker/assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/css/all.min.css?ver=5.1.2
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:48 GMT
content-type: font/woff2
content-length: 76548
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:47 GMT
last-modified: Sat, 01 Jan 2022 03:48:04 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82OEunfP03AHxL6%2B5gBn7aaYDNfN%2FA9zxLpe4TM8amlaMBgMenpVgqvVtC6byE%2F8Pd35XvXEK3g9BrMWhKPl%2ByFz3JLu0BjohYrIvCNkX%2BcRAVNgcIrr0UyTL41SEhq2dROlYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a348560b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/font/Poppins/Poppins-Regular.woff2
104.21.48.102200 OK 49 kB URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/font/Poppins/Poppins-Regular.woff2
IP 104.21.48.102:0
File type Web Open Font Format (Version 2), TrueType, length 49444, version 1.0\012- data
Hash e02e190248839fec59328523142ce88c
dd25521b444376b3f8a5a54dee93ff2ae47164d2
bedc39ba6f7f98efeb0b5a5c5a195b1f3421829ffcaf83174a1c7e86f5002a61
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-domain-checker/assets/font/Poppins/Poppins-Regular.woff2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:48 GMT
content-type: font/woff2
content-length: 49444
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:47 GMT
last-modified: Sat, 01 Jan 2022 03:48:05 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyGxHJcv4qKsaB4916cHedVlb0XHWSgwjsII09fd5ytLXN5KV5essOEqN3QnxG50ueM4ROA%2FT1u9k%2FKRt1iG1kdyhdQ%2FkyEYU4f93AXQn632npovMzpS115XJJc4drlXhvzD9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a4495f0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/img/preloader.gif
104.21.48.102200 OK 4.4 kB URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/img/preloader.gif
IP 104.21.48.102:0
File type GIF image data, version 89a, 100 x 75\012- data
Hash c9d5e0caa6894712e1fe34cc559ca47f
fca00e1a8ac564cb5dd327f13b1461ddd84220f4
d64e383dfb28ce7e37cba7ddf8dc33b90802fb1840a887c030f1af0b0047715a
GET /wp-content/themes/jnews/assets/img/preloader.gif HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:48 GMT
content-type: image/gif
content-length: 4399
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2B6ro64NInLN5cuc7gB74dJOcgIHiyIuvA5W9rjVBmbAZg82izOhvOame%2BkmZzbmWwEsWo4YYP%2FW2a%2BTZm5kCOgVevnYc3Kku%2FVOCqSXHPUOJi0Kdd1YYMazABSON5DPIh03LA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a2f8090b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/05/soledad-theme-120x86.jpg
104.21.48.102200 OK 4.5 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/soledad-theme-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash cfb785d85006bec5723d5720c98306ae
3316561205fe189f5507a35280171bbdeae324b1
57aabf2519bebc68c6428810f380d6ddd2ced43f301030797f3b64ccf667eb35
GET /wp-content/uploads/2020/05/soledad-theme-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/jpeg
content-length: 4527
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Wed, 20 May 2020 15:12:42 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fa5fusfT2eUarQtugXiDjVDzH2Q2h4eLh2%2BryvDqsdUcmLwnnq7jLXm598BzAyNJx2DlgL0wcsikUMchS4qRRx0l0QTGvTIK9QS4fI8K0uLhvzxjGLCGo%2BDgdr%2BqFIsebRXAkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ab89420b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2021/05/rank-math-modules-page-120x86.jpg
104.21.48.102200 OK 3.1 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2021/05/rank-math-modules-page-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash d96d9731305e74d99f3cfa63aea771cc
2d306846d2681c29601f3f69ec1d7bf8bedb9a3f
a31a05d7c7dd741052423a96fc86f250f6e647d82eceef0c48921a41acf69326
GET /wp-content/uploads/2021/05/rank-math-modules-page-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/jpeg
content-length: 3093
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Sat, 08 May 2021 04:03:04 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjDMJKAF0N13VxEnCSD46oK07aV1ZnSL5Rg3%2Bu8mHncA%2B0N5OnpcLsjaDDhQpUQzfTDXFNHAiWDxtJ4%2BhSJuqyqVNhmTF6fXPMOSyK60NGIyXdUtGTQr0P%2BauNYej0fMmJywpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ab89440b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2022/09/loi-noi-dung-co-gia-tri-thap-trong-google-adsense-120x86.jpg
104.21.48.102200 OK 2.8 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/09/loi-noi-dung-co-gia-tri-thap-trong-google-adsense-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash ac9a33e02ccc3fb339eec8663dd3f40e
85fbfcb13f4c70f4cec876fa290e3fdca2fcca70
731faacebed913c0b9a6a0c2a02766b6b445d7d4994a177c26a32ce9d711935f
GET /wp-content/uploads/2022/09/loi-noi-dung-co-gia-tri-thap-trong-google-adsense-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/jpeg
content-length: 2818
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Thu, 22 Sep 2022 02:10:50 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wVf3PdLFXDeX5Txik6CUWpETGccwgqBjiDFzmfZZ5VMXk1qHVL%2FMEJfqldJh5X8epycOqMO5TOsMrPpi%2FolIAiOWsJ3w7F6PLwF1aA%2BCDy75erVWlasOaj0Y%2BWwoExQLANYDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ab79290b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2021/06/Bridge-Theme-moi-nhat-120x86.jpg
104.21.48.102200 OK 3.2 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2021/06/Bridge-Theme-moi-nhat-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash 6ac8a25d0dad79dc7a603b719508ba46
aada1bafe4f6b6e6901d2678059935f23bb10e5b
a6c9657da89788297b0eed7f926569a12436b547784a4160a191ac5701e6afb2
GET /wp-content/uploads/2021/06/Bridge-Theme-moi-nhat-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/jpeg
content-length: 3234
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Fri, 11 Jun 2021 15:47:29 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPdVt7EF2otH018VlQSUCXkUnWxjBSgw4pij3RMukiOz4xdlxFuhRwUvPXHPPQ87FZqD3El%2BmFcl9SYNpH%2FwBBzmD%2FYf%2F91DW9BtqHxvqNTM7N1nEcNrN7WcMYhqjPUoCNomhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ab792c0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/05/wp-rocket-plugin-120x86.png
104.21.48.102200 OK 6.8 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/wp-rocket-plugin-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 22ece80ae9ac7982e9b02f9b9c7b5df1
756685f3baaa7b2280156cf2606edbbcfdcc3258
0e45e0286b66662fe47c12562f788385f83a368dc5070d06ad7bfa346d8b980b
GET /wp-content/uploads/2020/05/wp-rocket-plugin-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 6794
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Wed, 20 May 2020 15:12:42 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Fm7NVPinvxl8xy0PDwo2jO02Kr0j2FD8y6LY98dzAjnjLkTwICbJ0UGRWXOo6O2RSe3kHeRsUZoT6%2B57kWGRA9eoU1dNoFF7%2BABuz9fgblPbs%2F9f6Qaap6HqPlLk795tNOsBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ab893a0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/05/yoast-seo-120x86.png
104.21.48.102200 OK 12 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/yoast-seo-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash bee576cb5278aad1ede8cf852e3ec2b9
d4fa12aec3eb80be43f082e88fe389d0ed36e761
fc52ea76a94911da92b64dac0cb027c331a79da233ea43881fba2bdbc3c0f332
GET /wp-content/uploads/2020/05/yoast-seo-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 11571
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Wed, 20 May 2020 15:12:42 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEvsRRFVP%2BG0mja1MRz6JD%2FFpuRYJqPEgbZHpqFwBbyd72SMID9xEXhRTnoEo27N%2BJ1VZRdBcR8QAN0MsW3ln4mzTg%2Bp%2FJze7PVyHFe4RVq7vWVsnArhaH6kXe1yIpe%2FmXEQ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ab893d0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2022/07/huong-dan-cai-dat-Adobe-InDesign-2022-mien-phi-120x86.png
104.21.48.102200 OK 17 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/07/huong-dan-cai-dat-Adobe-InDesign-2022-mien-phi-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 24b3530cb6ab94d3e756b60bcac0cb1a
d771f491692bbd2d35417ad262e105743a725057
57f1c45ce9bb2d870c33a39734e8877dd86bf3688005443c77f79346b863dc03
GET /wp-content/uploads/2022/07/huong-dan-cai-dat-Adobe-InDesign-2022-mien-phi-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 16703
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Sat, 23 Jul 2022 13:50:02 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BzwHF0xB6EBfs3uI6caHgZRqI%2BtEUpkj1g2TVN1HoJZg33YOkwMPHq14odIwZ6ZRfBwrPbGpdBn0ssaFF8SwGYG2fHeaamqTc9SPStOVHT3C2RmSHxvxF%2FNFNWb1BZjhx%2BVyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a9ff9f0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/05/flatsome-best-selling-woocomerce-theme-120x86.png
104.21.48.102200 OK 20 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/flatsome-best-selling-woocomerce-theme-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 87b3fb5d71da977cd5aa0735089579b9
0e60c39042c4e7f30f720dff6e468a21e8811e80
2eeed336f7b24d7b9a2e4f6b714436a19121a1bb0fd653a1c4ae373aff3440bc
GET /wp-content/uploads/2020/05/flatsome-best-selling-woocomerce-theme-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 20137
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Wed, 20 May 2020 15:12:41 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Q%2Fk9frRaeRbjbt8u%2Bqec%2Fui7QvqTUJl0f9WakIzqWCh3fnA5X79HEPNVHMb9rml4F6PrOJ6O0hSDEvPNuQ6FbvPjbLVw1h%2FuQVk2%2B3zwY8jdVU9YR%2B%2FVIFFlEy7SYWDnXzHjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ab79330b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2022/08/tai-CCleaner-Professional-Business-mien-phi-120x86.jpg
104.21.48.102200 OK 2.9 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/08/tai-CCleaner-Professional-Business-mien-phi-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash bcd3d0477fb10bfa492fc486c97c951d
5951be024564ffdc76b374fca0e6b40ea241b5e7
1f66ead7480effc3327780e73223e5cb5c81c441ea9ed04bcaf04afc240a54fe
GET /wp-content/uploads/2022/08/tai-CCleaner-Professional-Business-mien-phi-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/jpeg
content-length: 2880
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Thu, 18 Aug 2022 03:28:35 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQF1x4ZkPu2lLfmUNC0WsrgMFbh0E0H7fp%2FgCtEs3ea26fqmlbOlPI2eY%2B334JJSCa7OZ6q5gsfBc463FKq9YDPUwJMpCTciyH3l06yfLu3rJwfWG3ka00tjzxAlcYksmx0R6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ac7a8d0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2022/07/cong-thuc-mau-Romantic-Autumn-Lightroom-Presets-120x86.jpg
104.21.48.102200 OK 4.8 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/07/cong-thuc-mau-Romantic-Autumn-Lightroom-Presets-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash 3ed481df6006800ee4cf78e983d38a90
84a09c6463fe2f8908ab6456887e1bc9a5c9b775
b22a35eea3f82d2416cedd66ecab0e02cb6fe56da74b17e22658a0334171327e
GET /wp-content/uploads/2022/07/cong-thuc-mau-Romantic-Autumn-Lightroom-Presets-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/jpeg
content-length: 4750
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Fri, 29 Jul 2022 09:24:17 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNzomteO61rL8ozBlVgZNMO72aRG%2B6HgsIbVj3Y5ozzMbIsc%2BqhCLmkbkDjT23UDvvz8gpldkYQ7uuC1uAT1w9KFF31hhB1pkp2exfKONNqzAJsDDD9TEoAmIMaMXGE%2Fi%2F96MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ac7a920b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/05/KMSpico-120x86.jpg
104.21.48.102200 OK 3.7 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/KMSpico-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash 01fea66e40f3861365f2ac9f29e09362
1fc3ef243b01cb919d0331b1f5b08c44c22c5d52
f272f01c53e3f3c679e1904eb7a574418eee9bdb1e3bad80b89b901574c094dc
GET /wp-content/uploads/2020/05/KMSpico-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/jpeg
content-length: 3723
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Wed, 20 May 2020 15:12:41 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67KetfHAFU3XevPvNmgf4Qa30xhyvo9ZtdamTvBllHmD9CcjaF8c3gEiNefFUTeCIIQG72kVx2O%2F4gcqJOtm6%2FRJYfTa92xcKkapjbmryV2490dsE%2FORYxjkKb86o%2BOXSfExSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ac7a8f0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2021/09/Foxit-PhantomPDF-Business-key-moi-nhat-120x86.png
104.21.48.102200 OK 10 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2021/09/Foxit-PhantomPDF-Business-key-moi-nhat-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 87c1862c9ea091a49fdb98d56e7dcce2
ef27ca38ffaba13a25624720d54576077313c47e
ce8c5317c3b46faef9de7a4690112d96369600d4a3623b41fe1d63cccd013344
GET /wp-content/uploads/2021/09/Foxit-PhantomPDF-Business-key-moi-nhat-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 10349
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Thu, 23 Sep 2021 14:38:48 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQhr9jxs62%2BsKVrZYTzcdY1HL3kX%2F8b47Fo8%2B7FKk4c8hdit9phYHxKIltxIq%2BQoxLdM9uVstP%2FCQIRXnDlCFMn3p658RbGC5Mp1Q%2BryanGBXYW7lJ4jEZWMQBnLkqVagXRcdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ac8a9a0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2022/07/tai-Internet-Download-Manager-IDM-full-moi-nhat-120x86.png
104.21.48.102200 OK 6.2 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/07/tai-Internet-Download-Manager-IDM-full-moi-nhat-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 9667a8d06d3d2daf03dd89fd4efdc2ff
33ca6bb6ec1f276a938b29ddb7a8823131022bb2
2e0dc0e016a6fe5dc70d64b754ed3ea2e55c6982ed2ab9dcfd47ab4f2fc7c2ac
GET /wp-content/uploads/2022/07/tai-Internet-Download-Manager-IDM-full-moi-nhat-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 6151
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Fri, 15 Jul 2022 08:41:19 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4h0k4Ne%2FxvzoJE5nOBqpzT2N%2BIEHVFVwRelVjbzIHIHz6DFQ5p14BX5vvQ5XQJFL8HzPlIvlGcNOD9CsgjtA%2FGBUgkVmxFN%2B972Sh%2B3MEbENHCKTcTbASzq%2BfJDfGxFJg%2FdDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ac7a970b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/12/themetot.com-the-gioi-themes-plugins-wp.png
104.21.48.102200 OK 76 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/12/themetot.com-the-gioi-themes-plugins-wp.png
IP 104.21.48.102:0
File type PNG image data, 720 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 74c2cc5b462352084503f9e4861b1785
831bbd5be6676adf916e3edbfa4ea3890477b8ae
85de2def8e48e2a20a5b6151929f4aca77f1d1e5ca753601dda65fe324816548
GET /wp-content/uploads/2020/12/themetot.com-the-gioi-themes-plugins-wp.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 75525
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Wed, 02 Dec 2020 16:10:32 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVxJMQ%2F8tKCGk2bcNUIvvHQ8nzehqBHRYcVHlH3J%2By0P39Pmh1aX8FxLjPN9CrqryW1v8rswnvJjkDchAG3d77p%2F2vOJBo2l%2FmDb%2FlOMaFa0voCTe8BRpsbwRadACzufwOkJVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a9ef860b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2021/09/tool-hay-ho-tro-seo-sharethuthuat.com_-262x300.png
104.21.48.102200 OK 64 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2021/09/tool-hay-ho-tro-seo-sharethuthuat.com_-262x300.png
IP 104.21.48.102:0
File type PNG image data, 262 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 2317003b1e26190a3b51eca06569c7dd
8049c658501024534794442a94cf5a1f6c170488
a8662f65407a5b6fed3a9c5383688b0ef5f8b091e5eeb43d8bbfc4d4110fc026
GET /wp-content/uploads/2021/09/tool-hay-ho-tro-seo-sharethuthuat.com_-262x300.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 63928
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Sun, 12 Sep 2021 08:59:38 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBP%2FSTRzIsXz5hEmuRx%2BpFS49Y%2BTIxA3CHAzLzMd1iA1uSfJ5uUJ9T2djp3da0GQTpvWhGmgBdSO2pPevlo9iFDipW0%2FcqOpoFmcSUU9FymGhys59Oddz44049625MR%2F%2Bcy08A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a3c8f10b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2022/07/tai-Adobe-After-Effects-cc-2022-kich-hoat-mien-phi-120x86.png
104.21.48.102200 OK 15 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/07/tai-Adobe-After-Effects-cc-2022-kich-hoat-mien-phi-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 524627a6a99480f3a041f5794d033e59
2022cca7957871ce8cb51e2d7257ab972372a92e
07db493db4fa2fd38d1bc982a1fb01a427e08712a03debeadfaa539d5012e439
GET /wp-content/uploads/2022/07/tai-Adobe-After-Effects-cc-2022-kich-hoat-mien-phi-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:49 GMT
content-type: image/png
content-length: 15430
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:48 GMT
last-modified: Mon, 18 Jul 2022 15:13:38 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPpTJZSSrq%2BxxyJ1Wl9i9M%2BL5G4oL3pjn0UjVSFn%2FfqgppdHVWGRvuOmYqMSWNn9UtoO5%2BVp4J4zUZsfwc%2F5WJkCAIMPmjp0u4%2BCksg%2B2u6yLgSjpdTqRpQ640CNw8BBWxQNZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ac7a930b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2021/10/sharethuthuthuat.com-tai-windows-11-ios-chinh-thuc-350x250.jpg
104.21.48.102200 OK 16 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2021/10/sharethuthuthuat.com-tai-windows-11-ios-chinh-thuc-350x250.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x250, components 3\012- data
Hash bd071d0ab33e98844dac589666b238df
5649ee2d4d8eae8c3f2d8c960678ad7cb09a47bd
a7fbe9940ae76e818bb624d9669e1695c2c536e12281a53774dd7be09da45f21
GET /wp-content/uploads/2021/10/sharethuthuthuat.com-tai-windows-11-ios-chinh-thuc-350x250.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:50 GMT
content-type: image/jpeg
content-length: 15486
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:49 GMT
last-modified: Tue, 05 Oct 2021 02:35:44 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78J53GoMUd%2BGrmjkiwv6EVB6L6vN5nf%2BA3rGJ3rIsMtFCcM6TxRDB%2BCKgeyAWap2A9RjyTsxt3ZthpJFW8zCVyNIn73ddTOsexf0IKJ040wIy%2FSj7%2BgbT0op73wuXhau4%2Fprtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70aeccb30b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2020/05/Driver-Easy-PRO-120x86.png
104.21.48.102200 OK 19 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/Driver-Easy-PRO-120x86.png
IP 104.21.48.102:0
File type PNG image data, 120 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash a5f6ba222f8d21ba43fb41985908339d
ed39a7c9967e3ead2a23aebdedd555a1c42d95b0
9f739abc1b1e016935ad438c1208042194a4086a51a8457de3ca0c15c72cac28
GET /wp-content/uploads/2020/05/Driver-Easy-PRO-120x86.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:50 GMT
content-type: image/png
content-length: 18834
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:49 GMT
last-modified: Wed, 20 May 2020 15:12:41 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8gC7ytrpvs41%2B0sMjkobctpZLLZyvppXlABB44haVnzCv%2BgnODGzTUItqOC7tgXf%2BJ24CoUrWlqTyKDZ2HMDuTYXDrpd8hICAURUuVCu9Sr6DnbkYxA06T2AZLa7WN4aySD%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a9ffa00b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4d75da10c524adf5e614376ee790fad9
729dda60c93e4c34c0c1002a884430c82fb715d6
8161c5c62c8fb4f3860f41269a68d4cf17d2c97b2ed42115b4578b7187b17021
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sharethuthuat.com/wp-content/uploads/2022/09/Get-Link-tai-Adobe-Stock-mien-phi-120x86.jpg
104.21.48.102200 OK 4.8 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2022/09/Get-Link-tai-Adobe-Stock-mien-phi-120x86.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 120x86, components 3\012- data
Hash d91626a567db2c339dbddcb4f4d850d5
167191e4df6eabc8c97743c30591f7e8b0fd418e
26f3f35284462ac7cbfae40ff552cde6fdd25f5199b09a052690f9298ab9e2a7
GET /wp-content/uploads/2022/09/Get-Link-tai-Adobe-Stock-mien-phi-120x86.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:50 GMT
content-type: image/jpeg
content-length: 4820
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:49 GMT
last-modified: Wed, 14 Sep 2022 07:12:55 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHP%2F1fmzZjR2Y3knzKu8YVK%2FHGjSLOvyh5H%2Bu3%2F4JxEmSR49g71VTo4GbiViEsmjrgJPoBIbplnDBLHodG51ndj9VROEaPf0fzdYeFCPRxAhijP5AdsxFsQjNvVIY8xYjrKAsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70aeccb10b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 22 Sep 2022 18:41:09 GMT
expires: Thu, 22 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 2801
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com.vn/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J83YEZC3HM&cid=1423798980.1663874867>m=2oe8o0&aip=1&z=1846240596
142.250.74.35200 OK 42 B URL HTTP/2 www.google.com.vn/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J83YEZC3HM&cid=1423798980.1663874867>m=2oe8o0&aip=1&z=1846240596
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J83YEZC3HM&cid=1423798980.1663874867>m=2oe8o0&aip=1&z=1846240596 HTTP/1.1
Host: www.google.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:27:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6196667024529156
216.58.207.194200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6196667024529156
IP 216.58.207.194:0
File type ASCII text, with very long lines (2903)
Hash 236a29d6f0714ff28cf75251e912823f
c103b524e8bd320ce3f22cfaad6d93a026c3aa63
5e72f1d35063dcf1b4493adf20569b6e0a2787549041bcdb1af2e94e2bf252c4
GET /pagead/js/adsbygoogle.js?client=ca-pub-6196667024529156 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 22 Sep 2022 19:27:50 GMT
expires: Thu, 22 Sep 2022 19:27:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16393964864434251511
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58085
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4d75da10c524adf5e614376ee790fad9
729dda60c93e4c34c0c1002a884430c82fb715d6
8161c5c62c8fb4f3860f41269a68d4cf17d2c97b2ed42115b4578b7187b17021
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 18:28:48 GMT
expires: Thu, 22 Sep 2022 19:28:48 GMT
cache-control: public, max-age=3600
age: 3542
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220919/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Thu, 22 Sep 2022 00:13:49 GMT
expires: Thu, 06 Oct 2022 00:13:49 GMT
cache-control: public, max-age=1209600
age: 69241
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sharethuthuat.com/wp-content/uploads/2020/05/favicon-1.png
104.21.48.102200 OK 688 B URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/favicon-1.png
IP 104.21.48.102:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 16e84f2fd5e15d0e2feb431c921121ab
0fe502a63ab23a81f7de45c8c71617873c3037ac
61875d4e16ee9bf1b5f007c02b2a26b0ef4de3d6c4474a1197bb11441b1f8a00
GET /wp-content/uploads/2020/05/favicon-1.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:50 GMT
content-type: image/png
content-length: 688
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:50 GMT
last-modified: Wed, 20 May 2020 15:12:41 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEvFJPWDbPGoTcUR6ADppSBE%2F2KwgiG5kS2L0mhMsPMIuqT9%2F0EYD9aKUb%2BHF7au2b2173ob8UPPOOoWOIQ0pvYx59JbrD12hxY8ifLPO5lA2XgyXJdI5UlzDs40Y7YDG3RZpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70b4db6c0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.170200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.170:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 19:27:51 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Thu, 22 Sep 2022 19:27:51 GMT
set-cookie: NID=511=u1dC-oSxfdWNdkL1mxxlJvKcMnwElgW3oSXjtEcMootZ4x83ZPS6OhCkfec9CtcRTygwmmRxyvQJZ1lUxb5HTPKqw0OpXYd8Jpo6wkD7Ps2nzKgvWNT4hhkvZk7zS-HC8xv-5X-nmMwwuk3C5P0Yu6dQv1b7WG_QSYVzfrJF9G0; expires=Fri, 24-Mar-2023 19:27:51 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+568; expires=Sat, 21-Sep-2024 19:27:51 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=sharethuthuat.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharethuthuat.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharethuthuat.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 22 Sep 2022 19:27:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sharethuthuat.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sharethuthuat.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharethuthuat.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 22 Sep 2022 19:27:51 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51ca5853da6ab1b45b9b9d8425056853
b912e4d1ee63203030fa6efd1a77b5f02f4f86e0
a5dd1386ea0a4adc2678a71557841daec7a91a80330c7cf3dc845963c4addd3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-116604403-1&cid=1423798980.1663874867&jid=190413986&_u=YADAAUAAAAAAAC~&z=186853066
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-116604403-1&cid=1423798980.1663874867&jid=190413986&_u=YADAAUAAAAAAAC~&z=186853066
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-116604403-1&cid=1423798980.1663874867&jid=190413986&_u=YADAAUAAAAAAAC~&z=186853066 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:27:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8ec1540e8ec974c8f6edcedfe7dd807f
920b0ea678361a34b5508dee6c6f556a47586562
5749ded70372335a59fbf3f405a3330d8fb4ba6ae1df1417e8197a723abc46cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 682477608532cf0f939b82148a7d996c
53f5564723f8ca88bf990fb2e4de8ffd8000c96f
4f89314a758da9c42d7ab1c97f8794e3c10ed59112f6bad7f02f8b63fc24a3a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-116604403-1&cid=1423798980.1663874867&jid=190413986&_u=YADAAUAAAAAAAC~&z=186853066
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-116604403-1&cid=1423798980.1663874867&jid=190413986&_u=YADAAUAAAAAAAC~&z=186853066
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-116604403-1&cid=1423798980.1663874867&jid=190413986&_u=YADAAUAAAAAAAC~&z=186853066 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 19:27:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sharethuthuat.com/wp-content/uploads/2020/05/IDM-Full-ToolKit-4.1-350x250.png
104.21.48.102200 OK 116 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2020/05/IDM-Full-ToolKit-4.1-350x250.png
IP 104.21.48.102:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (116465 bytes)
Hash a81ec58d7a20f6ed946951bf1d0338d8
4be34fcbd5a8c6893a87122d2effc5e2bfce6c67
cf288501e99ff1b6a0b9344d2615a9e1c66db4556b6b44ea6897c1a0c003a521
GET /wp-content/uploads/2020/05/IDM-Full-ToolKit-4.1-350x250.png HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:51 GMT
content-type: image/png
content-length: 116465
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:49 GMT
last-modified: Wed, 20 May 2020 15:12:41 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmTMtt7GBu%2FPtZeF9tk9tyXKSRPgASZSs6Oc3YVnkU8YKMaQVV4SmDJ2dsIuAa5wcFfwP30RHrLFke3G3aKE4YshLWeDjE2HmjhZ0ki3vIWpcdXlrcyOit%2BjeKDADsY2eYkt2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70aeccb40b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 10ae49480aecaf4bbe48fe413fb884f5
eaf76e35924e7e2465d8d51f81e1a39da508a496
dee36f9aa3d11c1b3d6802fa611adea95ed277212e47f16392cd49f3161e205b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 10ae49480aecaf4bbe48fe413fb884f5
eaf76e35924e7e2465d8d51f81e1a39da508a496
dee36f9aa3d11c1b3d6802fa611adea95ed277212e47f16392cd49f3161e205b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1624)
Hash 3ddbba67b377888cf6ed28509cf143af
2b8ca5ed3d2c4bccd9863125296e36400c7c760c
6fdbe9e87b24700f75ac8cfca96fda275c46149880fd0122dcc7971c2f2a7cd9
GET /pagead/js/r20220919/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 9574
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:25:37 GMT
expires: Thu, 06 Oct 2022 19:25:37 GMT
cache-control: public, max-age=1209600
etag: 3447265524526809024
content-type: text/javascript; charset=UTF-8
age: 135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1494)
Hash e405feb1007c3047d26705739a1c67e5
af2d89d360544712809ff95ef0f45fc9d0fd2cc2
621472627095bd4b65ec5d8616208d2cb3297dcf0692bfaee6b2d149c1deb757
GET /pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 7568
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:26:08 GMT
expires: Thu, 06 Oct 2022 19:26:08 GMT
cache-control: public, max-age=1209600
etag: 16266204680973569043
content-type: text/javascript; charset=UTF-8
age: 104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 44 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3498)
Hash 1191238e4518bf6ffe3de5bd10369470
477feae219fa11d8f0404812eb1eeb62cc40cbda
e68823228e0f39a3ed549cae9e5a77dc0a56247eee02b3ea919a8da4a14a3086
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44544
date: Thu, 22 Sep 2022 19:27:52 GMT
expires: Thu, 22 Sep 2022 19:27:52 GMT
cache-control: private, max-age=3000
etag: "1663587528796173"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 10ae49480aecaf4bbe48fe413fb884f5
eaf76e35924e7e2465d8d51f81e1a39da508a496
dee36f9aa3d11c1b3d6802fa611adea95ed277212e47f16392cd49f3161e205b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 22 Sep 2022 19:27:52 GMT
expires: Thu, 22 Sep 2022 19:27:52 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/2021/06/Bridge-Theme-moi-nhat.jpg
104.21.48.102200 OK 32 kB URL HTTP/2 sharethuthuat.com/wp-content/uploads/2021/06/Bridge-Theme-moi-nhat.jpg
IP 104.21.48.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 590x300, components 3\012- data
Hash 9e040ceff2fdce2511468d7f40fe82a0
1733cf0a7e430c7e1adc08baa5c914bab9462c29
922df8b5cfa16b73c087eb42b311110c2ae0d5ed1cf5e9b8e914ee554879aecc
GET /wp-content/uploads/2021/06/Bridge-Theme-moi-nhat.jpg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.2.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1; _gid=GA1.2.629019025.1663874870; _gat_gtag_UA_116604403_1=1; mtsnb_lastvisited=1663900069; __gads=ID=a96c240f57a6ab09-2265adc446d7007f:T=1663874871:RT=1663874871:S=ALNI_MYuz7icUyNVLiX8P_Rx_k3M83DLsA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:52 GMT
content-type: image/jpeg
content-length: 31780
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:51 GMT
last-modified: Fri, 11 Jun 2021 15:47:29 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVLkQAM7gvYDP41zBeC%2FBfGLg%2F2VqfHHPq75kNrBOU6jB84JD8GfwbxsrBm0sPogETLJlkMnmhW0mSZoTP6B3v0OKG%2Fdy25JBiKkElGmMYPm58ZMhWdAv%2Bje2CPpoLuh61%2FBtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70be1dfa0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/jnewsticker.css?ver=1.0.0
104.21.48.102200 OK 895 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/jnewsticker.css?ver=1.0.0
IP 104.21.48.102:0
File type ASCII text, with very long lines (4595), with no line terminators
Hash 3841040407951452668d794bad45f49d
3e80a4bb973b67737a953450d0cae58c2fe11a2a
7d34562c32696a1f907c5a00196d2477808e2e66df7f1c2a418bf6d104c91367
GET /wp-content/themes/jnews/assets/css/jnewsticker.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BOPnV0HY6amQoxmkKiJVANyoLZB%2B%2FgzU7njWr19KMcrz9O%2BP%2FtT1cZhUC5LTrpUQAPxa8gjI%2FhLDL7QaIICLsWbnix%2BGBBlOTSNFNLiq%2BGUty4INAmJlBV442l%2FJpZzwiQTtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70994c0a0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 19:27:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
216.58.211.6200 OK 25 kB URL HTTP/2 s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (63851)
Hash 839c0f19f071a97b420bf573dc1102f5
9654cad2cc914ec1905d30fcc75b3a7aeb4e4ada
5517b90cb50d0e4de8872772dfd8433fe865d147bb6dfe909fa480b9552c1402
GET /ads/studio/cached_libs/gsap_3.9.1_min.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 25329
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 19:27:53 GMT
expires: Thu, 22 Sep 2022 19:27:53 GMT
cache-control: public, max-age=0
age: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.1
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXV5qW0AEIMbi%2BlH4WS39jEqByYRlUJHbhG3GB3aPqTchfuydr5iQQzK9YBavquYsZsqiMBMArFZptrGCuhOgMIFpE%2BzTfctNmbQTbRouueJH5oN4M9FQVpFnNQ%2Bo1uhud7hDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70986aa30b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/jquery.jscrollpane.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/jquery.jscrollpane.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/jquery.jscrollpane.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUviKOy6TbhEK3p3Iu%2FRzJ7WEgbHaIHe6xpgPiQvgrxLcZomyR1obn%2FjTxIARDFTt6nRvIQwE8dgoSrEXB1QP1SBq4IwN8P1rjvMXsOWk%2B4cDnlOHchJ9OZqAUGfVpmsj8D02w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ad70b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/ls.bgset.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/ls.bgset.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/ls.bgset.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdmbRFOn9Kj4qJa%2FtLjx4KMCExMkmZzFrYOrYg2UhV1%2FMrcrpVIz7Fo59VT%2FYPM69KQz13gukK7rtbtF7qRd4mPNIeaECddFJ9CurcmHkVJKWGE71ytO3nEubbYs%2B3f3vaWzEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c450b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 104.21.48.102:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Fri, 17 Sep 2021 08:08:03 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9wyYD%2BupHLF66%2F9xIt7Ntyphkbo4m5NrT7ff4sripH1h8ceCyFQ%2Bl1ZOkG0E7ghnJtlcCraZAWcCMwl1WjId%2BIKnhGkptiU7yQyaXIupvEQEkyssCIUomQdmrvc7%2FrddbY4jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988af60b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/zh-CN.svg
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/zh-CN.svg
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/zh-CN.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3BU%2FQur6ovufT%2F7QThDx%2F%2FdPe2jPU4itZt8QsV%2FBlJvLeybbEjYj8jVku%2BTfioV60tgVwBwAWS8YcDyj4IcOZEzj4Saf5gtAqIgICRC4irxX6ibbsGce0T7nFtRanzqwhgcRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70991bc00b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/slider/jnewsglobalslider.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/slider/jnewsglobalslider.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/slider/jnewsglobalslider.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlMNJpDI1xVqucJwBa84Wc6v7AbUR1YclEPyxjpNVPyQ%2BHuAO5LqaLFOQe55fNh0yS1MMNBkEo9SJmMD8hTDTlDXfImmEuFfgFHACMigUwLcyxYkiOS9y2nMACzfAkL0L9FWfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70994c100b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.smartresize.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.smartresize.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.smartresize.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIIWWwuR8nBZeJcWjpgS5NG1sg4WRV0l%2BAmUCcE1Df55k2IqDcW%2FNSje1%2BsBiyy0mJMKEA0ZD20Hg1n71Cm%2BFiE5uMeHKQs8nuwMM3hl2jo71z0KZYw0ZN0R%2Ba1FgI1WOzYBUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c5c0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 17 Apr 2022 13:49:35 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pbbwj9BYsnNtAh2xY4oK8bWJKxnb65VAUsVamy9LcVmuHgn7rylVjHtp8OsWDQwncrCnkOP6wQBB7X9aFikTiZ%2FbGTEBOb0P0p%2FxG4IXTuIOsO3JgtfZDaAOQe4uZ1O8glI5GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ab50b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/
104.21.48.102200 OK 0 B IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.23
vary: Accept-Encoding, Cookie,User-Agent
cache-control: max-age=3, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq0iN444ua%2FDs7iRqIHK1n105aavoUgiBZ02ZCmbDvtheaw50r36db1bVJT%2FiqSafPQtn25Yt%2FB0AD8uryFufOBIaBrgM668If6GH25Jx2CVk367v5Qyj8PqluFfw%2FU0ohP7MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed708e6f2e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.3.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.3.2
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.3.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 13 Aug 2022 13:29:28 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyVr%2BHlux2rg75noNrngH3MY0uhXCR6YddOvdiAq4BkGIrjnQdQwOPBTg1VQ1wP9YI%2FWX36e347474x6oxB8wfDeB0psjMFZKsHPeJ1cTp0Q9RYJrhv%2FjQ158lNtqZrYVTAy2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ab00b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/style.css?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/style.css?ver=6.0.1
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/style.css?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiv7z9h9Hr9QvKAHEUuihtIfxpWwJqD%2BUSBsV62%2FUii8DP6S8N4YupMPi4qMZsUTRwU11%2BRUqyrfvh%2F%2B0SaVVkyCaBo6p5zeH%2FCgDLcBhYMSC6BI7oiyB1Cj8NBcNUImVHkG3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ab40b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/js/mts-notification-bar-public.js?ver=1.2.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/js/mts-notification-bar-public.js?ver=1.2.0
IP 104.21.48.102:0
GET /wp-content/plugins/mts-wp-notification-bar/public/js/mts-notification-bar-public.js?ver=1.2.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 28 Nov 2021 05:43:48 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoBdyzyJcfH1%2FUsD3GyCZj66naxJpUPfuylUyV4xl1QMpeVXVAoMaNkgyFy65XWBSF3mSXhe03p01eIdfVidnzsRXTvOG00gg01qIeugdv7SJTas7c14qdwFWjql9I0zIS5XCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70989afb0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jowlslider.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jowlslider.js?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/js/jowlslider.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDYdarh5x6mOQqQAVqTjte9EF%2FOF3ZlgDBj555A8aQzXV7qTJhh%2F2Ali1mcrN2I6aGrvHHZhcB15%2BPD5lPkPtES2mDYJvFrqIQWgTaXA0edNwul8Eqt6isJ9Dh%2BcBsTlnDZEug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c800b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 17 Apr 2022 13:49:35 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m15z4SsKXwdR2lrnTK3H1WujcPWpc1H%2FKj4AArDzvxxTETFbR0rWE6sXZlGCEPrpjY2KI6WwQ5buXl%2F3aTbowigRmTtmlA4fg1BtBmCjPlLXjEJr1qHu9e2BID%2Fd2D9HpOB7ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70993c020b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
etag: W/"6329cb53-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeWluxZBQ97cBF4gBMndkFDMye9g3pD71u%2BtNdbPpwzUg%2BhPMfKC24l1rCsAEcX94HCpWayRAu3M6dYYQWfZJ%2Bz6wf2QP57r7jxjNsLulJFw08%2FhdqHHMRRLGfKqTnX3jh86tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ed70991bbe0b31-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 24 Sep 2022 19:27:46 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/ja.svg
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/ja.svg
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/ja.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LTyvCs%2BQXr1rd5n7lgNQwL3t4vDWlgw%2F8s6pdw0R9uPyWZYLr3jZV4%2BXcIXuMa4bLTKX9vymVdAwgZgZNYxfdwYkGetSw2PbXaXDp6lqGdvMuZ5bD9jpROqcFiDs4N1tS84QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70992bea0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/tr.svg
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/tr.svg
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/tr.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0jrnYfcZ6itAxBOxO8QxImJmWdFcOXm7cyGGwWl1ywX31A%2BQ0g4tooe9ASZo5QiNQLnjMlsYy5ejyDL52E%2BqkAJRr%2FBrcIGRYIfbJlqOt907c5qiJ2OaNN2KjaZOH99Ij7%2F%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70993bec0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 10 Sep 2022 14:59:03 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83sDQNnIUe9nTnSuIjW5cLhN1wgMRWdwNBiBImRqaKbQT7mZ9fCFZxbaTw39NmgOIdkU3F2TGNKeZuDf10xwg2EHE%2BChSHwaRoms1y1bC4r1W2Jx8ZC5BVHQTA1ygMTEu6zDIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c320b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/chosen.jquery.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/chosen.jquery.js?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/js/chosen.jquery.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFVzLziyDTpzREBmTiopivB4OOUCLxX%2BiLiBZStenHLttcAPcRcW4qqN2t%2F%2B6gC%2FcfA4ZZ4cyaqdCO3%2BB9CNS99dN3WcZ1omwB%2BUXE7nSFslqJUk7WnCQY5Ca0%2B5QIyxj8qlxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c5d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.magnific-popup.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.magnific-popup.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.magnific-popup.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8RON1tQi0J2tLMpTjVjils1TQuwOooVNIYsnhZivlf3EZ0%2FEy1g%2Fz2v2lf7F0TESfMeT%2BA1qFDJQp%2BrdwdgGL22RmJKp3YrEH0cX7AU8AW%2FbAUj70B1Z7u36z%2FInd07rFwOOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c630b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 10 Sep 2022 14:59:03 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtLoFCIAT5S5sfPMVWscEb3YWEcFnyYmbLjizTJuA1VIxaXbTwHay3btcFDmWC8bj8cNzYP9i3YreuhIKK0ciK%2Fgky%2BLk20nZ0%2Bq7N%2BG1V69X0UB%2ByZb9dKyJ%2FF01EKx00wZbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987aaf0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews-child/style.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Fri, 26 Nov 2021 07:14:57 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7AMI6RjTX%2Bx40zEj2vtZ1Ypsk%2BUfuC%2B7Xnlz8taE0zUWPj%2BuEwPKSHj4AyutjRt3r%2BOxvH0uEwGwvSrgT9IN5WWou%2F7v6lWGo0vOCU3Rr6d6nEhIIEhNBcmd6eg6xgObuvyVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988af30b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 25 May 2022 07:58:44 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fzr9afogQAbEQAIqDSmWl9omeEsshxOVaIAvt8S%2FgufduAg8Nmto1XznfIKEapqtb1nWN6oSzgxWfbhRw%2FcJLhPubLWOhANYBaytmpnZ8OAROcG7fDzalDPVrsJLaeRnZO9jrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c3e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.3.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.3.2
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.3.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 13 Aug 2022 13:29:28 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WqNe20G7NDYp53poZgJjhOHnp0Xhi67W%2FHFfg5oqrCkikuT6PtbOk2JiMuYa7SRy6A3n7FaI1k3u9RQzdvmlBOghuFJlnArndit5q8MEOoPotzBbX4WoJ5cl96qJ0Sb1DfYRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c380b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/jnews/gtag/gtag.js
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/uploads/jnews/gtag/gtag.js
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/jnews/gtag/gtag.js HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 29 Aug 2022 14:51:49 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEOCiDyjqCiNH4U9zjjq9dJYlMqQl0mi39IT%2BdL8K697AyMnJUZMsQBe5FHDGZ5FEzihtCQpiLmkVbl207H2GVZp%2BK0eaXM5aCq3M9kguF%2Bh%2FVOFqObz0qU5ySIrM%2BuATxaeQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70989afc0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-admin/admin-ajax.php
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-admin/admin-ajax.php
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 65
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867; __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; mtsnb_seen_2145=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:50 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.23
set-cookie: mtsnb_lastvisited=1663900069; expires=Sun, 19-Sep-2032 19:27:49 GMT; Max-Age=315360000; path=/; secure
access-control-allow-origin: https://sharethuthuat.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
vary: User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wh8AZYRGY6dIha4X%2BQxfdU768Px%2BYW0Q56eX0OC4r1LJMdw76zxsxBIkRmD4%2BXrvUKwGXsCelTAQWuCwEEepJf4NHYNVUSd%2Fn682MfG9j0acjNWFsyfgYX%2FuLHfoGR4t8ZqTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70ac1a160b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA5ivUHVaX43HWg0tQZItcGSNx2%2FlQ5CyFAnQYBjddJXi0WUDjTdjA3h0pxPN1wteedPt0qmycqQk8Rxws2Zp7uWjFGJGHrDbRUeQQXtYuJUt3C1zTDclhp%2BMKJeQzqPUCCC5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988af10b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.1
IP 104.21.48.102:0
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Thu, 15 Apr 2021 04:07:21 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wPQWXyCrwA1MeAh0E%2FJrS%2BqhpT1d%2BWgq%2FpIRRhDqj%2FLGliEcRUluj6li%2BFlFFJkbpYTZhBHBK02seUu0aHmN69hhztICUk4Lqycm52Rt%2BFFsV2k095pyjWG3jTRr7NiMgFP1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c3d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/superfish.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/superfish.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/superfish.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9bf3Eg2kYeN6IP%2B%2BhQAUQSLzX57bDf5g6lUWpMK36O%2F%2Btc5M%2BvZauld%2BuRqUtD7aTeTC4NmI9hKURS6gruwyQL3W5cWjld%2B0EkIFOBHOyYKr4nWrXqifZtATCn2eMK3%2Ff%2FYdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c460b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.jsticky.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.jsticky.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.jsticky.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fu%2B2mhmSyi8Ky06tUNDDoU2%2BVQc1LR8X%2F1lupLlf7c13SsLxZbfsm69Ng1ic8SDwFK2B0wfDtOtjlYN99HO5xzOtslNCL6z8sgLI4lJn529901SJ5rg6mgQPNE1ySd%2BrvPZhjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c6d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.okayNav.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.okayNav.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.okayNav.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ELKIoirUHpXLtNJo0KzhkFXiJ9xO73eOc6HuwzsRvs35tEH898fjtRKkCXxLqzeAa4LsZbIFVQhJObrJtvlX3ob3BxyxTjs9kvghOre%2F7uj7hHrZG8fnRcL%2BUnCJ0y7n32opw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c560b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jnewsticker.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jnewsticker.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jnewsticker.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTEe8TFlP6SfhV07dN%2FmWxZthhBTGIYPWfNYLHE3Q2hJPYOFOyvANKS44KQUPv1TBTsbrBjPKalcbvmD8%2BYVVh1%2Fpkdu9pCPXKB5D66Bd4uSIVNnRBUMPyCEfP99xn2xfExv5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c770b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.1
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 20 May 2020 15:12:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrPQmtW%2BKL4DYmmUePjVGDpRwL50SWnowwfQZFtKaVF5S9fGg3WM43qJJppOsOU%2BQXG9Bv%2B2RGI9E87aMcUYvkQjagNAcYzHdMuuW1Q%2F5jwOSE2DNoSeHyUa7X%2BR%2B34Q3vVRAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ac50b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/en-us.svg
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/en-us.svg
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/en-us.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQ9NAEnJatN43R6YfiEnj7Ky5zQ3QacTqDIUjIy9vo3dQNEgv%2FLrVT4RfRLqvUvdXdadzk5fjua%2Fcn0dHt%2Fk3Ik93WBCusIgj2hzfiz9eTupEYDqm9Oj0CBnfNC1RBpauJ71PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70991bc60b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/lazysizes.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/lazysizes.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/lazysizes.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9883jaJvl3MFA2D7Ti4JtC7pOvB7Yw5GEqw7V5%2BDdF4w6z%2Fe01XGoN5Z6w4sHKBt7%2FplRbPzqrmfWJZNgiuiQoeuj86xAlvGWXTHo5auBKysTzl0dyOnIQbz7UKlX6YkA0DNHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c420b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/fonts/font-awesome/font-awesome.min.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/fonts/font-awesome/font-awesome.min.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/fonts/font-awesome/font-awesome.min.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxdZrwHfK%2BoZ3QoAVh7bfdHkerk0%2FlTNiahg5PpGuM9y%2F7dq4s7YR4jt4%2FxfPDhLWT48f%2FXZyBN%2FMTKNJsBpfM6jQmOb8j2LBibihSNMikqbRX9zJu2DGMa7DtpAiPqLj0wa8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ad20b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/clink/assets/css/clink-style.css
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/clink/assets/css/clink-style.css
IP 104.21.48.102:0
GET /wp-content/plugins/clink/assets/css/clink-style.css HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 06 Jun 2021 06:58:19 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgOIQH70iWWojFNziiZb360LdbpqlBh9W77P7ZbICxv25IoF6W9Gj4fkElD95Mn5ZiRlFmEh58k%2BPrpppIM%2Fy%2BqWtx%2B1BaLcqiWvjxS3fgTNgLE%2Bqll0XnKtOZhOPr1xfYDnfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987aae0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/bootstrap-flat-extras.css?ver=5.1.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/bootstrap-flat-extras.css?ver=5.1.2
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-domain-checker/assets/bootstrap-flat-extras.css?ver=5.1.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 01 Jan 2022 03:48:05 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltpYflkUiJEOzgHHtWEuHfjZHPB3TIuoISN5%2Fj248P3MUqsC8vHeUGo41YaA%2Bg8ZYwUYSZHOIYp8iIrcCFUTKy%2BS%2FhHwTDQhBiazRhNJKt4QcRe6sDjWLUUQH5P7Imy9yrM%2B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c2a0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/comment-reply.min.js?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/comment-reply.min.js?ver=6.0.1
IP 104.21.48.102:0
GET /wp-includes/js/comment-reply.min.js?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 25 May 2022 07:58:44 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4G822Sk6XEkGadLIkPTJUeAFHI7Y1H1ry%2FkGzTomjD0jekYfvmhC66J6VRc38tMUNlTorhpcgAipGJ7N3mecIJmhH9NiC5R%2B4akWVOa9Q5Yhm%2FiCOR2bjkkZhejVPs%2B63t2uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c390b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 17 Apr 2022 13:49:35 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8pTPo0rK2Vpy1YRfHVTsjk%2Fq86IF6eh1AMt4Jn5BgR9k6mTtOpQLIGILzWXqdLS5qujnskx52t9PPvEWyNLoPO5eDdnUr55HD2yDYyVpp2HE%2BM9f0mZm%2BckdKSJqpnQj1PWmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c760b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/de.svg
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/gtranslate/flags/svg/de.svg
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/flags/svg/de.svg HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 11 May 2022 09:32:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FNfrLkFw3pXFPLQARu7bf3P%2BySBodOs63xOXOMHCCUpWMgZo6dPKE9ayN%2FDI74ti%2FyG1alQtfXwAOnje43xhJPdffMVy2MZNx6%2FKbCft9NOGO6NIo%2BUGIjamIfTSLAltTSMLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70992be70b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663862400
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663862400
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663862400 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:48 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duHMqszFcE6AALdNj8xKyUe3SNRAPmkAAVby9VooZ39qLhH8ZFz9Rgty4J6eAyKt%2FjCsBIRI2nrLSklnQYALwzkjR6QySWvq63zfg%2BN8eokYRkWYpgAB1omkWlwoKcwSmscm9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a6fc620b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/cdn-cgi/challenge-platform/h/b/cv/result/74ed708e6f2e0b31
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/cdn-cgi/challenge-platform/h/b/cv/result/74ed708e6f2e0b31
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/b/cv/result/74ed708e6f2e0b31 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 411
Origin: https://sharethuthuat.com
Connection: keep-alive
Referer: https://sharethuthuat.com/
Cookie: _ga_J83YEZC3HM=GS1.1.1663874867.1.0.1663874867.60.0.0; _ga=GA1.1.1423798980.1663874867
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:48 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=O.XxzeWYpsaPSg0.ChWOfMOYtR2onQe5ST5t9DUVZbo-1663874868-0-AambKN0VO7BONpPu06EmpMBaL8IuxEWNAQQusW+PaJ7LXvk/sbXe8J9Akv3ylmDJJCiA9haiK5BM5dhlLZ63DhiUFsdstpMSb+MEq/1Uh7MCjT4CSZJoZEIiPPcS+TO68XOvRMvwPCIK/Lm3+Im0KZlqCIKJf5N5FJ+fMW/4GBF59E6G4IgEHR42G2S3FRZdQMQxiD6KO7IFi0RAy4G+CiDic1Om3ridGssOdgKBffHM; path=/; expires=Thu, 22-Sep-22 19:57:48 GMT; domain=.sharethuthuat.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22BoN1aZIg28BaEgt%2BRF2dVecM2fK4ADJcWaEIsUl5wqE4SC6vjWnWAzu0LC3bsOUUNS76NMadY54tjh925upxv9IWpJuL4rKlnwzyrzR%2F6DDQqisk7bDJO8bXKtqTHoG%2Fv%2BtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70a93ee60b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Tue, 25 May 2021 14:12:58 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aj39XqsbXHX13%2FLcsPqKKARjrr%2BsVNT9ZSnSfQxHhB1NvK0wO03DesE6SL7QyB4y7MBLEgC%2FZC2%2FVx92yxsh73%2Fq7icgKZkTaKQNJH4gaWUulzBOQvb99sEBU1FHRQJxDTNng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ac30b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/magnific-popup.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/magnific-popup.css?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/css/magnific-popup.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiAvYBuYIRF6Oyws%2F%2F7odfkEKdvPmqVlC73qbkOFtYwPsQJT82UzIci%2FKNrAv9H3pchyFeWbmuN9LlxEjcLK8f8enRJr6H%2BIrVmhNUpB%2FhqKhI96HPGycITlDwmhVlHd3yhseA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ada0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/pb-temp.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/pb-temp.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/pb-temp.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCIJu7BexMCTPN5rZuqz1sBSXCYHljMav5GQFH2XJf%2FU2B1F8%2FQH%2F8L%2BhK8GeD%2FoF%2F25yk2Pk3YwLJdUwxLRdl8j0By8kJhfwH4EIpm8G%2BUDtsKHAXIbytZddOwUCMgvjfbylQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988aef0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTHDynxUhhQs0TiPx1C%2BcMcw1U%2Fve9cmDKDIuBFXKvOiB%2Bkmw3%2BeRPpe8jsqFrdkKFSwfVvD%2B%2BX%2FvLT2FQ5CjaVXaKV1TsqtlfQ%2BUZ9Cde6Acj19qyIpWTUL5lOb0S2XgYvq6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70994c0d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/main.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/main.js?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/js/main.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGkXrJIF00Pcgx%2BGwdTlTlRb50%2BuunbNl1dteYIInaVq80bobKMdnYvNNutgIupk4pQEe4lpcfTaGbc6QuFVctwNnFYtw1W0g3%2FmNF0DryOMtZJewjisQ2ohjcR%2BjrYBZE18ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c730b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.module.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.module.js?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/js/jquery.module.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2D4vwbJa6PPD1%2BKHwElmJ6RBWE4fSUb9TIWtEic%2FH6xtwlygAL%2BEm5M3NF2RmfeuUvGgIHRVEe70HQg4GxXP%2BO12JPqS7rLw6CdcKvdHFrnMtp6bUWz7i7TdnO8QG%2Bi4Ixgdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c710b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dp1oujDjQnDVkYrkG3cnnOiv0VYz5NCHB40wnG7b0wbCTqLlxCbvBJKd8OApFBNkOUU%2FgLaB9T%2FMSmf46Cuoq3hsL%2FkjSwb36p34Mgz7kNOTmaX1Hif2tm4HhKlwlSq0GKtd0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988af40b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVlBDFy6AyJSZPwBCK7%2FT4yIB0Wc%2BUEu2HP4qqoIdltZzLu%2FTeCKjCKdwPzaMG95QwsC8fFosc4c9s3vhqLKVCtKAWAfAatZNqCAR76REMRbQwxaZRhv%2FPKpSkzoa2DTa56vxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c790b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/uploads/titan-framework-wdc-options-css.css?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/uploads/titan-framework-wdc-options-css.css?ver=6.0.1
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/titan-framework-wdc-options-css.css?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 19 Sep 2022 06:10:11 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfVzSpFLFbrtSuWdZiwohwuSYAh8i1kpSOe07CsHFm1CP5778WzluKyAw7saqqgwXAOPsygmguYt2tMrN%2BdEuKMo%2F%2B7ueIkXVNvHrDM1FRRSAOhTHFO5d4azBHrvp6XvY8d7aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987abe0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 13 Jul 2022 08:38:24 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A89SjfUPg3D%2F9B%2B4cG68PWhLSJpph66oOT0yWxeUfhDBbV1t%2Fqh7ySziqZ3SG0s9yHuL67OVHgNckJDP4FGOj1qoYw6yt9D7wfpBQpCHcFZugPy1ElWmjT92EHeGah%2BWI1w57g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987aac0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.parallax.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.parallax.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.parallax.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8flzkyzz0yUNOVQvQw6ku358OnM6LeD0DkijRLsvKUvpJCKZpnvfno0cQbAUnYCQgBZnp6aReqwyg4ukZimRB7OpJz4RVSBg2MaxbPSD0MWoidPcC82fs407dWfVwD1s24ybA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c510b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/theia-sticky-sidebar.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/theia-sticky-sidebar.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/theia-sticky-sidebar.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9alHNlE056qosAXxDPWrWNKO9767vZXIhRf%2F6s8GEMfbi8Qv4hC3k1CwLMnGQuB25ZJeuAy%2BSMtGmOU43DoEladTGiNpIdj0yL%2BnhFykc%2B2u103CHPGAD4fNsFQKgXOnVy9oNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c470b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.2.9
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.2.9
IP 142.250.74.10:0
GET /css?family=Roboto%3Aregular%2C500%2C700%2C500%2Cregular&display=swap&ver=1.2.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 19:27:46 GMT
date: Thu, 22 Sep 2022 19:27:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/responsive.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/responsive.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/responsive.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA6bANSPi9l3kI1aFyAsrfigztobAclxF8%2FSb73XHuFOqg0T9OG7U2cxeMJYrSO8mTOymPHFmqTkQI6COxjpm11G4yw3NNlDnijUDbld28SYWPDa8RgcSmkSAIuK2vyK6cdfiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988aed0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/chosen/chosen.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/chosen/chosen.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/chosen/chosen.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynAAMx0YA0YcAz6i9zrgcy5IcWg9sIoj%2BeuLTNaUiNmvkN9aq%2BWx394tpbXB9wnp3TLjd3zDbAoBC8%2B7t7pTO2OmqJov6LX5ESU4yiThib981yqujnVhW%2BZC%2Ff2xVEKJAJVcog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ae20b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/js/jquery.cookie.js?ver=1.2.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/js/jquery.cookie.js?ver=1.2.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mts-wp-notification-bar/public/js/jquery.cookie.js?ver=1.2.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 28 Nov 2021 05:43:48 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVovDh6RWYmbIyG71gJQvAArBjG%2Fx99lQTu74PB8C8WTIP1bQL6RvHPHFZwU%2B9og%2Bg7nVil33JDp2XmwYcS5z%2BWxvd5ZrKDZNzPLgAvlHcWlHlRSx%2FD4kxe5eITW0v3%2FaB%2BP2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70989af80b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.jnewsgif.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.jnewsgif.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.jnewsgif.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiUYr%2B4PsBOAbXOcP0Ma7iVePzbq%2FNS9%2FrmEaRQDl2AThVJu%2FQG6C0xQbUXNmWNCm1z5w24azSNOjBLNQs9nSYuBw3NSXBzPYOHVFrFwQLK%2Fd9WcU%2FDDenakc3awRw8bgmWskQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c690b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.waypoints.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.waypoints.js?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/js/jquery.waypoints.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUKhg8VrzxlnwmNqrUO432dXiSdnQnNJyywS7aJPKKXMbcZd9pTD3%2F%2F%2Fc6uY3yOUJGDrjnbKb4a7ujuKc5JBGJ9FlB39xmXrCCiPaTSFCZecuhsHINvXPICiKv7RPDNDqOQ4dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c4a0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/style.css?ver=5.1.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/style.css?ver=5.1.2
IP 104.21.48.102:0
GET /wp-content/plugins/wp-domain-checker/assets/style.css?ver=5.1.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 02 Jan 2022 08:29:06 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apuVnJv8ZQcQiSBvpj39CqUGRK66XA%2Fa4mCOqLCIknsqh2kncjrMATKnq2LxOC0Ye5QaZfsIjcojh9BFN%2FFLosTG0jHxCAjtFhSv3x733JqQw3wjcOunZ2J%2F3f61BmRa6wkSoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c290b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kM4Fy8Ka9d%2BYzHAL29qKs0oGTFZSihDLr5CT85Nj5%2FHmEz9bopAV%2BjUa%2BJfEcspuPw2EHTAFgyKbdMUFitIwlyxMlFVZRg1HaeCZcRHmf58Liix3CKXv6lHdB4kwGUR2orab3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ad30b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 02 Nov 2020 01:27:23 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VntVnQPdE2LPpqBds3o52G0B05BymMXznut9%2B3kE%2B6iuNSD8A1yAk%2FnEZpGIMsKWbRJmw1Mfm9e1bGq7cbiBmMFsnJHuewYfn9dp8lcK6GeggP8svKiDOU0fR9vA0IowdMVKfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c3f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.mousewheel.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.mousewheel.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.mousewheel.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Fhk8eqzam%2FdOJ04pCCXxht4IV%2FvY5NzTiExbaC%2BrMKbmD6ZdZjCeS5md6Qa0jPn1bzsva6YFFSuN03p5LfJirHPU5lbVRp6AmVK2yqySVoVXMrcUszeBVU1ZaCN77o5wrx7ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c570b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/css/font-awesome.min.css?ver=1.2.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/css/font-awesome.min.css?ver=1.2.0
IP 104.21.48.102:0
GET /wp-content/plugins/mts-wp-notification-bar/public/css/font-awesome.min.css?ver=1.2.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 28 Nov 2021 05:43:48 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91fqi%2BRmju%2BIZNM0jkPxfDxVVHRiTY6Qvecda2G2FW7saea%2FttNQWdwr4THEIB2slNnxWVydbkPpee9tV65GYA0esFmZL6prmBWhgNHkLFBtTGfbwjJQfxSSiXRoFKCy8bjJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70986aa60b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Tue, 25 May 2021 14:12:58 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqzj1gdxJ3cocIrzBlY9bBBN2I1ev1oQ%2F%2FHUj%2B8%2FMxDzvgdQAYXD8m3PJ6r5l8v26O8BDWoibpH879jJfawOrr85XQwh8hBwrWP3xSsU%2BL7uFAIq6wWVnXoWf5wuIbpSXJ1aPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70989af70b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Tue, 25 May 2021 14:12:58 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xJoa%2FVuwoj4tPNtdqZlivjABuaWRJL1WRhQivmvUb47UPg%2FsiVpoIuYg%2FHHjO%2FCo1aKVAENyR49faMA3zNT2e5bKU%2FP1RSLqqZV9SZjWqq6kXsuhrHcCfLSQvJ%2F%2BK035g4q0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c3a0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider-noconflict.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider-noconflict.js?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider-noconflict.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ont7pxny%2FwR8dtdp%2BxsspF1xMBTbr2mW5sqIpy%2Fi2R14WqXGBJk9Surz1J%2BlMkI5tqsMlsbVTfeVn9ZPeR2yevxVGC30%2Ffi4MODHHEEEfjrhPwwTCX0tmGfn6GPkPrBIcIJbgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c7b0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/modernizr-custom.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/modernizr-custom.js?ver=1.0.0
IP 104.21.48.102:0
GET /wp-content/themes/jnews/assets/js/modernizr-custom.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8ppt3Qa6irsjmXz%2BhL8YRQLY9PQ4t7OpcC%2FThICgZ1Jul3UAMNk8rffcuqNwfflCHwnkgXqV23DdpoL%2FSiTnv0hhRQsw8gaWK4qbvLgZ2WC3V1dCYGsbYnzUlYA8NTmfLeXig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c580b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/css/mts-notification-bar-public.css?ver=1.2.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/mts-wp-notification-bar/public/css/mts-notification-bar-public.css?ver=1.2.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mts-wp-notification-bar/public/css/mts-notification-bar-public.css?ver=1.2.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 28 Nov 2021 05:43:48 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkQZWEijswxvYd1%2F7uLkcMTYkyexzw0DTRLxO6hVhKQxyyFcO%2FijCvERYV%2BOV5bwabxLyvhRyl0Jgu%2BcSNY2ww5%2FmCeJHU0SmAhIcu7ApJPNNjjztnAvWI9qm2j6Hu%2BUXquxUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987aa70b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0
IP 104.21.48.102:0
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sun, 17 Apr 2022 13:49:35 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQv9%2BzacAkDEPIPixcitj3kIJINCJ31tMJKAjhKBNA9bPR7PEiilx0d0twM9hNH5e8B5ecO3DX1btTE4odfUHPzoMbY2B4fCAh%2BMzWLnuUDmuZOnWG0GQ45mIu7qAhlr1WBC1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c400b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/slider/jnewsslider.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/slider/jnewsslider.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/slider/jnewsslider.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r74scXLqWCQXeWxtg2md9uXVw0C%2BuG6MST1LgBP6JFnR5iA6qHIveF4JHeU4NB1cAIdUHM0dZgzyKOT3Dob%2BHzKKCJt71C%2BSVJ4HYvHIpw1LNDP8eIxHqwAGtrP%2Bj9V7n78hXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70994c190b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/css/dashicons.min.css?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/css/dashicons.min.css?ver=6.0.1
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Tue, 25 May 2021 14:12:58 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD5oa5Q%2B2fxM8aIxQOiBhiAWHzMOI%2FVz9vaxxV%2BMrYnnbUuqJJkI9DdcyYC1oOUPNhXz4L%2F%2FAfPrOhXyFKkmiTjH6%2BnHoLXLnDgC51ti0ar11rpsvYxGfxWa41V%2F7Am9ieKH3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70987ab20b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/css/main.css?ver=5.1.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/css/main.css?ver=5.1.2
IP 104.21.48.102:0
GET /wp-content/plugins/wp-domain-checker/assets/css/main.css?ver=5.1.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:46 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:45 GMT
last-modified: Sat, 01 Jan 2022 03:48:05 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4vE9banpyNUepnqUCoElRIOEPifrPH8vij4voJwR9unbP%2BBrHemAHj6%2BUSf%2BGSZwStJud5WoOgDzfulqa8ZNcBdgAC4X7JghIyaKrCrOmjY65N4YmBamO9ZQliCJDsvVrbLfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70994c240b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/okayNav.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/okayNav.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/okayNav.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2YXMzr%2BATjoyp%2BlZP71BmY7BovbMxvfAmTrnjnwXRt173NOsWsGjl1DkCkGJ3iA4dKAZDBeBFgIRbdbOhPUXQFWpJ2AL5IW5YcNH6HxF3HoHd8uxukMPy48WBbz8xUKCPMuGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ad80b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.1
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.1
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.1 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Wed, 25 May 2022 07:58:44 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2L6NjANJKXoRfzwYBO7cC2O6A%2F1boGcxeDXWb83IfHMTE7d7RDTgZZj%2FnPyxHATM9LKdJIYlMqi5ccLuYbEawyEUKThenhhmg5UICcyot8yslgoiuWJjuDJbfW4qiV9B1%2BAieg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70995c3c0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/darkmode.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/darkmode.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/darkmode.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H7cCzZ68ElEMude71IegPNQhaSf5hwHZPt5UkT7o0Fi8Z4AP67nra%2FY1PnXy6TYAmm5C3NMkP8BheSs225idJ9n0iWnGV7WEqlddf2OuBY0s5R8CUpRZGam18t7ClBIEhtk0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c740b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.scrollTo.js?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/js/jquery.scrollTo.js?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/js/jquery.scrollTo.js?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:42 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndwJmTovphBQduVcPifaphC3hx2fzz0cxvLA7SAnm3yyk0YCg2n4H4Z%2FWYDbaapOzVMYaLE%2Bkuh7zF08PBsVCl30V4hcWm5pyN%2BqJa2KB8noseewtickdlf0Gut3%2Fd8dr6sKQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70996c4e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/script.js?ver=5.1.2
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/plugins/wp-domain-checker/assets/script.js?ver=5.1.2
IP 104.21.48.102:0
GET /wp-content/plugins/wp-domain-checker/assets/script.js?ver=5.1.2 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Sat, 01 Jan 2022 03:48:05 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lPu822YPjgXulIQg7jOTqX6nt8YsIc9wZyXlbG9ykHE6y8t4xpZ9qpCNVobgXDko0V5T%2Fb0CuXV%2F20%2F%2FZ0n3rvN7Yahj2uIHx7HXtZ48XJgZ8Auv7c84lTq69TY9JU75uZrJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70997c820b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sharethuthuat.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
104.21.48.102200 OK 0 B URL HTTP/2 sharethuthuat.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
IP 104.21.48.102:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/jnews/assets/css/main.css?ver=1.0.0 HTTP/1.1
Host: sharethuthuat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharethuthuat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 19:27:47 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Sep 2022 19:27:46 GMT
last-modified: Mon, 12 Sep 2022 15:50:43 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4UKFJ0uHa7ikmxp6bb4QGj1KnVxeh0vqpt1p%2FaTiBieohlmf0ZkDy8a%2FEldHHaD2nO1vaPnDbryOlJQycfTEkSz3dVDjTWjTTjsgNV5K8SX1NohLVDH7TlSnlexblqafxb6Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ed70988ae40b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2