r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6919
Expires: Mon, 30 Jan 2023 06:01:50 GMT
Date: Mon, 30 Jan 2023 04:06:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12364
Expires: Mon, 30 Jan 2023 07:32:35 GMT
Date: Mon, 30 Jan 2023 04:06:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 03:43:11 GMT
content-type: application/json
age: 1400
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4419
Expires: Mon, 30 Jan 2023 05:20:10 GMT
Date: Mon, 30 Jan 2023 04:06:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ap7+v+t6kZ9tX7We1PyL/6U4adxONMmYDStN5bM3grnSeIfdnQ0Vwq6c/9XZ+4vLu68tsxDKLFw=
x-amz-request-id: M06KGJWM3R8MEYPW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 03:50:35 GMT
age: 956
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:31 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 03:41:41 GMT
age: 1491
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10159
Expires: Mon, 30 Jan 2023 06:55:51 GMT
Date: Mon, 30 Jan 2023 04:06:32 GMT
Connection: keep-alive
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
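Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: the 101 Switching Protocols response carries no content, so these digests match any empty response and are not file indicators.)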
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JyjKyUm9vWh3t1ltYoCbwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hARGG/aOLICTD/EagFor75Ia6aw=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Mon, 30 Jan 2023 05:57:38 GMT
Date: Mon, 30 Jan 2023 04:06:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6665
Expires: Mon, 30 Jan 2023 05:57:38 GMT
Date: Mon, 30 Jan 2023 04:06:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XbMeLjDaYoPiw42pUbszzOEqWeUdx01NI6zVLJFgp0r3B_2dHHxX-w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 21288
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 22511
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 029e272400d7190359cd2eabbf418188
6300f72a4e44444fc9e4027fb47a85122650b0f2
ef353caae33db21140027a07d1bf3956c2476baaa69c12c1de3c369ac69b13dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf294e5c-6457-4bdc-b8e4-6cde89bb64f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6927
x-amzn-requestid: 6749dadd-1cbd-4e35-9dae-20337098eccf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGjtGWwoAMF87Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf847d-3c470030501c0e572e9f2560;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EogN6efNByyhDbY4zvYa5Z4ZiFJfmcphq1TO7EdIxFZAG3vQZfjpJA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:46:05 GMT
age: 80428
etag: "6300f72a4e44444fc9e4027fb47a85122650b0f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ff8d0c9899da25e80edbb858b164de
3e2491c5465f3c427a11c32bdfee27767559bb3f
b060501c6d82e97bd4826a62b790d58cd9d7ece8e1590267bc9b48033f3ce9b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7223
x-amzn-requestid: b05a1db9-29e2-42d0-9eca-9a0f462c87c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3IHtpIAMFUkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e693-7e13d93143b5e666313a4b8f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: plMEbbqV1vxLnOthRyrgLOOwdxH-aFHCP98axvP0RORnE4gtbEkZyg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:52 GMT
age: 21281
etag: "3e2491c5465f3c427a11c32bdfee27767559bb3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 37837
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0729af7c574710c33356c8c3c7757d6
aec801b4158398d2d3222e7247532a1b0ba446e3
057d2ed0960c8d83dda10de975594b21ddeaaf8dcc07a106f3b3c121afb90e57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b7a437-43da-4218-a8ea-3aa936541e3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8159
x-amzn-requestid: 52245e9a-4ea7-470c-ad88-1051471fc543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvBxGv2oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4920b-6b6d100e11edfa5307b67933;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:10:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qgh4eyT_OHA_N3vH7o37gjmjUpRyJMXzG3pyvKH8pnxjWxu8ykXIRw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:48:34 GMT
age: 83879
etag: "aec801b4158398d2d3222e7247532a1b0ba446e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
patinvietnam.com/urf/QUtpdBzhAa.zip
14.225.27.194 301 Moved Permanently 0 B URL HTTP/1.1 patinvietnam.com/urf/QUtpdBzhAa.zip
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
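Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: the 301 response below has Content-Length 0 and redirects to the site root, so these digests do not identify the requested .zip and should not be used as file indicators.)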
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /urf/QUtpdBzhAa.zip HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 04:06:34 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-DNS-Prefetch-Control: on
X-Frame-Options: sameorigin
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://patinvietnam.com/wp-json/>; rel="https://api.w.org/"
X-LiteSpeed-Tag: 120_HTTP.404,120_HTTP.301
Location: https://patinvietnam.com
patinvietnam.com/
14.225.27.194 200 OK 22 kB IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7924)
Hash 97ffc02fca997c685212df600c19b55b
8d91449f999c76fd1474090bbb4146fcaa216482
e0f84137bf713f068227491879ed011a3b562ff7cfe0fa69704ac20594c9f557
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/html; charset=UTF-8
content-length: 22065
x-dns-prefetch-control: on
x-frame-options: sameorigin
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: no-referrer-when-downgrade
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
x-litespeed-tag: 120_HTTP.200
link: <https://patinvietnam.com/wp-json/>; rel="https://api.w.org/", <https://patinvietnam.com/wp-json/wp/v2/pages/5448>; rel="alternate"; type="application/json", <https://patinvietnam.com/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/9bdffda35047e68b949f33cca9adff65.css?ver=dff65
14.225.27.194 200 OK 94 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/9bdffda35047e68b949f33cca9adff65.css?ver=dff65
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with no line terminators
Hash 3d0b9f4b1179e39075a4f2ee9b85a12e
6432d14777043cf1a5b3439b6d79cac85aec8fe5
6cb2fc1b2b8ecfb0596ede0050a14ab999b7283c96e99ece686d4d18b252872d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/9bdffda35047e68b949f33cca9adff65.css?ver=dff65 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
content-length: 94
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
etag: "6313fbbc-5e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/bcd3d4c40eb4bfaa5efe84ec3a8e3c59.css?ver=e3c59
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/bcd3d4c40eb4bfaa5efe84ec3a8e3c59.css?ver=e3c59
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
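Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: this stylesheet was served with content-length 0, so the digests match any empty response and are not file indicators.)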
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/bcd3d4c40eb4bfaa5efe84ec3a8e3c59.css?ver=e3c59 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
content-length: 0
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
etag: "6313fbbc-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/714e8795c05495d53cac3769f266ae9f.js?ver=6ae9f
14.225.27.194 200 OK 768 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/714e8795c05495d53cac3769f266ae9f.js?ver=6ae9f
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with very long lines (531)
Hash 3661e4b2975cf2c1c5d160339be272f3
c30e8e3b51ca8d594b0e3e10410b03b316882abc
222a4d7900f87339fbddba31e5cdbbe53597fdfa08504afb3b8cfb70046c9f63
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/714e8795c05495d53cac3769f266ae9f.js?ver=6ae9f HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 768
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
etag: "6313fbbc-300"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/060a1adf24b5ba7d888afdd9a5e8e8ce.js?ver=8e8ce
14.225.27.194 200 OK 552 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/060a1adf24b5ba7d888afdd9a5e8e8ce.js?ver=8e8ce
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type ASCII text, with very long lines (550)
Hash 7a2a08bfe9a3061121881dd7e41870ca
15b51c0248c24f72b92b9aa23bd15749a65f1f2c
7bd549c79e9bc6980d8f88b8e980d59be2076554d8aa6dc3f9d0c52dde4cf4a8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/060a1adf24b5ba7d888afdd9a5e8e8ce.js?ver=8e8ce HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 552
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
etag: "6313fbbc-228"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c400859d7b0e7bf4d60b6b72da0d3b5a
edcc70016fce38a4ad14c3737712685ae1d282f2
45f69c6dcc83120058b731e39103cb1a2a40414eed2da633b43bdccc021665cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9a2197-1d4c-4aad-a76e-04d2a1f77b60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: a5b71869-0509-443a-ada0-2f7a7cfb8166
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4AEncoAMF_LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e699-24b0a146699561100a8d592f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pQQVkmOF6_GLV-2WHa9jleOYns0XIg1C5o6OBsq5NK90IhuUpJyfdw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:30:54 GMT
age: 20146
etag: "edcc70016fce38a4ad14c3737712685ae1d282f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/uploads/2018/10/V6.png
14.225.27.194 200 OK 3.3 kB URL HTTP/2 patinvietnam.com/wp-content/uploads/2018/10/V6.png
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 180 x 44, 8-bit colormap, non-interlaced\012- data
Hash 0586cc6feb736575fd787617085784db
f560d3cdbab55dd767ce5e13d8bf0f30b835513a
ae418a123b468cd9bc124a8d3fe30a84c014a0003ddbb615825a41d98b3f1b51
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/10/V6.png HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: image/png
content-length: 3302
last-modified: Sun, 24 Jul 2022 00:00:56 GMT
etag: "62dc8bb8-ce6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/themes/boxshop/images/ajax-loader.gif
14.225.27.194 200 OK 723 B URL HTTP/2 patinvietnam.com/wp-content/themes/boxshop/images/ajax-loader.gif
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type GIF image data, version 89a, 16 x 11\012- data
Hash 4889784689c1b8109f97a0eecf9265f4
3016a58e584a68aa541ec273c6aef9b96413420b
c1cf81bef2ea82eaa43265a5ff786b7cd74e7d5f4f2de104b586f092ca0fb886
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/boxshop/images/ajax-loader.gif HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: image/gif
content-length: 723
last-modified: Wed, 04 May 2016 02:46:14 GMT
etag: "57296276-2d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/phone.png
14.225.27.194 200 OK 4.4 kB URL HTTP/2 patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/phone.png
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 264270368c2bc39db972a2df83464c5d
c34c20332d51c07071f4832181e422be2c387bc8
f94cfa14bea4ecaa83da6d440b4829a09c0b9a7f56b97e459a7474d6e2ebeebf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/boxshop-child/assets/images/icons/phone.png HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: image/png
content-length: 4448
last-modified: Thu, 04 Oct 2018 18:42:08 GMT
etag: "5bb65f00-1160"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/messenger.png
14.225.27.194 200 OK 4.4 kB URL HTTP/2 patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/messenger.png
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ef79d6c908a404055cb8dff4af3284c
9607c7925646bb077ea285210bf7a65c024e546c
0c49debc93957e6bffc90b344bb502031956b1ddcb9b6186213dbcb0ccbcc638
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/boxshop-child/assets/images/icons/messenger.png HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: image/png
content-length: 4408
last-modified: Thu, 04 Oct 2018 18:40:04 GMT
etag: "5bb65e84-1138"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/zalo.png
14.225.27.194 200 OK 3.0 kB URL HTTP/2 patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/zalo.png
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a15d6b0d114d9921c526665a6b378c4
f9d1e4c5683d26e2878512555f9f293fcf9add53
76224b5650510c44cbcb171ced578356becaa4df9ae7078ab09ac3a4c99ea6fe
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/boxshop-child/assets/images/icons/zalo.png HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: image/png
content-length: 3047
last-modified: Thu, 04 Oct 2018 18:43:12 GMT
etag: "5bb65f40-be7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/location.png
14.225.27.194 200 OK 3.4 kB URL HTTP/2 patinvietnam.com/wp-content/themes/boxshop-child/assets/images/icons/location.png
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash f32df72155e19f479734a134319a9251
1b3d434eb872b2992ef84c528b4ceff6989a7fbd
53dbf361f13f741e05c539ac3b76d7357c565e7ae406ecefb4e85c452a527077
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/boxshop-child/assets/images/icons/location.png HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: image/png
content-length: 3387
last-modified: Thu, 04 Oct 2018 18:39:24 GMT
etag: "5bb65e5c-d3b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/uploads/2018/10/payment.png
14.225.27.194 200 OK 2.4 kB URL HTTP/2 patinvietnam.com/wp-content/uploads/2018/10/payment.png
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type PNG image data, 293 x 19, 8-bit colormap, non-interlaced\012- data
Hash 3c9a41795fd72b4bd19cb2be0f173970
94033e4a5f83cbbd9a5c1fbc36ecda2e2aa9fb09
aaf8512d86a8ee0841930bf7345fdc1c481b0588d66887cbfd3d7fb4b9d6696d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2018/10/payment.png HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: image/png
content-length: 2413
last-modified: Mon, 01 Aug 2022 14:05:20 GMT
etag: "62e7dda0-96d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 04:06:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
patinvietnam.com/wp-content/litespeed/js/a719bfeca338af22b7084c25de3b5dd5.js?ver=b5dd5
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/a719bfeca338af22b7084c25de3b5dd5.js?ver=b5dd5
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/a719bfeca338af22b7084c25de3b5dd5.js?ver=b5dd5 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-12195"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/c237b428168af5d6259ef336a42f0237.css?ver=f0237
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/c237b428168af5d6259ef336a42f0237.css?ver=f0237
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/c237b428168af5d6259ef336a42f0237.css?ver=f0237 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-771ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/0b2b52794a22bfe519ab8cd8df3d7833.css?ver=d7833
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/0b2b52794a22bfe519ab8cd8df3d7833.css?ver=d7833
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/0b2b52794a22bfe519ab8cd8df3d7833.css?ver=d7833 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-13df2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/a0a2fcc3ebb43dddddd75e4dc5bac452.js?ver=ac452
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/a0a2fcc3ebb43dddddd75e4dc5bac452.js?ver=ac452
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/a0a2fcc3ebb43dddddd75e4dc5bac452.js?ver=ac452 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-253f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/f3a0608276b3b9cd3f4fe4f0d11b335d.js?ver=b335d
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/f3a0608276b3b9cd3f4fe4f0d11b335d.js?ver=b335d
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/f3a0608276b3b9cd3f4fe4f0d11b335d.js?ver=b335d HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-6179"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/0295c9bfa24eae0b6d15f9c8323528b3.js?ver=528b3
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/0295c9bfa24eae0b6d15f9c8323528b3.js?ver=528b3
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/0295c9bfa24eae0b6d15f9c8323528b3.js?ver=528b3 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-5749"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/83cdb7e333d2d15087b0630b6ba27c0e.js?ver=27c0e
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/83cdb7e333d2d15087b0630b6ba27c0e.js?ver=27c0e
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/83cdb7e333d2d15087b0630b6ba27c0e.js?ver=27c0e HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 03 Sep 2022 17:39:04 GMT
vary: Accept-Encoding
etag: W/"63139138-1843"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/5a45bea29bb71e56786291ede0b239d5.css?ver=239d5
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/5a45bea29bb71e56786291ede0b239d5.css?ver=239d5
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/5a45bea29bb71e56786291ede0b239d5.css?ver=239d5 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-8a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/cbdd925f57bdfed98c832202d39d0bc6.css?ver=d0bc6
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/cbdd925f57bdfed98c832202d39d0bc6.css?ver=d0bc6
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/cbdd925f57bdfed98c832202d39d0bc6.css?ver=d0bc6 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-e43"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/95549621d93e0ae83d768ce00395cc41.css?ver=5cc41
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/95549621d93e0ae83d768ce00395cc41.css?ver=5cc41
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/95549621d93e0ae83d768ce00395cc41.css?ver=5cc41 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-7a14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/9afd4013036d1edc742590d7f281a7a7.css?ver=1a7a7
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/9afd4013036d1edc742590d7f281a7a7.css?ver=1a7a7
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/9afd4013036d1edc742590d7f281a7a7.css?ver=1a7a7 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-5665"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/8e931b1610525726cad18ba58f06fc14.css?ver=6fc14
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/8e931b1610525726cad18ba58f06fc14.css?ver=6fc14
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/8e931b1610525726cad18ba58f06fc14.css?ver=6fc14 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-3a0f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/201f675186cd883e711852afdac792ec.js?ver=792ec
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/201f675186cd883e711852afdac792ec.js?ver=792ec
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/201f675186cd883e711852afdac792ec.js?ver=792ec HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-11fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/04e7b0b8523c33234f5d6b6f185b25d2.js?ver=b25d2
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/04e7b0b8523c33234f5d6b6f185b25d2.js?ver=b25d2
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/04e7b0b8523c33234f5d6b6f185b25d2.js?ver=b25d2 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-a8ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/618f771deeac1ed793f742dc4c7e768f.js?ver=e768f
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/618f771deeac1ed793f742dc4c7e768f.js?ver=e768f
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/618f771deeac1ed793f742dc4c7e768f.js?ver=e768f HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-2e7e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/6ce434ff1f607ddfb43612eb62990763.css?ver=90763
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/6ce434ff1f607ddfb43612eb62990763.css?ver=90763
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/6ce434ff1f607ddfb43612eb62990763.css?ver=90763 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-d4fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/414e7fdecd5fd9e6d2e850327443a8ba.css?ver=3a8ba
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/414e7fdecd5fd9e6d2e850327443a8ba.css?ver=3a8ba
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/414e7fdecd5fd9e6d2e850327443a8ba.css?ver=3a8ba HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-29bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/4bf5c93e3073d1371b0bec5f2fc19410.js?ver=19410
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/4bf5c93e3073d1371b0bec5f2fc19410.js?ver=19410
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/4bf5c93e3073d1371b0bec5f2fc19410.js?ver=19410 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-194d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/9933433353f9bc951d71d5f92e1214be.js?ver=214be
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/9933433353f9bc951d71d5f92e1214be.js?ver=214be
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/9933433353f9bc951d71d5f92e1214be.js?ver=214be HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-4ac8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/a388fb9edbf9e604d7d263f7cd245521.css?ver=45521
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/a388fb9edbf9e604d7d263f7cd245521.css?ver=45521
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/a388fb9edbf9e604d7d263f7cd245521.css?ver=45521 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-332c9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/777b379cb575677dd04d11d51b1fedd3.css?ver=fedd3
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/777b379cb575677dd04d11d51b1fedd3.css?ver=fedd3
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/777b379cb575677dd04d11d51b1fedd3.css?ver=fedd3 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-177f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/72139841693abe16db9c27a92b4d2692.css?ver=d2692
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/72139841693abe16db9c27a92b4d2692.css?ver=d2692
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/72139841693abe16db9c27a92b4d2692.css?ver=d2692 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-675"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/260c4a1c23dc2fe9de42de39d6d3f4de.js?ver=3f4de
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/260c4a1c23dc2fe9de42de39d6d3f4de.js?ver=3f4de
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/260c4a1c23dc2fe9de42de39d6d3f4de.js?ver=3f4de HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-5424"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/751c8a2199fa3a611d04a94c40e5a5ce.js?ver=5a5ce
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/751c8a2199fa3a611d04a94c40e5a5ce.js?ver=5a5ce
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/751c8a2199fa3a611d04a94c40e5a5ce.js?ver=5a5ce HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-3518"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 04 Aug 2022 01:30:08 GMT
vary: Accept-Encoding
etag: W/"62eb2120-2f42"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/1a13060b5fe47fa2fa543d5beeb52e2a.css?ver=52e2a
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/1a13060b5fe47fa2fa543d5beeb52e2a.css?ver=52e2a
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/1a13060b5fe47fa2fa543d5beeb52e2a.css?ver=52e2a HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-1345"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/3e28bc9b016dec37292735365faa58ee.css?ver=a58ee
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/3e28bc9b016dec37292735365faa58ee.css?ver=a58ee
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/3e28bc9b016dec37292735365faa58ee.css?ver=a58ee HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-1d807"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/1d522a5015663eb21141cd5ec39f7127.js?ver=f7127
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/1d522a5015663eb21141cd5ec39f7127.js?ver=f7127
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/1d522a5015663eb21141cd5ec39f7127.js?ver=f7127 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-2bd9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/0d251b95878d223d6cc8fa53552e6959.css?ver=e6959
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/0d251b95878d223d6cc8fa53552e6959.css?ver=e6959
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/0d251b95878d223d6cc8fa53552e6959.css?ver=e6959 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-d2d2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/3cee3e0fba6eda39e17587e2797416c4.js?ver=416c4
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/3cee3e0fba6eda39e17587e2797416c4.js?ver=416c4
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/3cee3e0fba6eda39e17587e2797416c4.js?ver=416c4 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-8ee7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/f0de2a1d7735dc30df5369ba8528313b.js?ver=8313b
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/f0de2a1d7735dc30df5369ba8528313b.js?ver=8313b
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/f0de2a1d7735dc30df5369ba8528313b.js?ver=8313b HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-4cfc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/0f477d5e3a65835977a5950094e85687.js?ver=85687
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/0f477d5e3a65835977a5950094e85687.js?ver=85687
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/0f477d5e3a65835977a5950094e85687.js?ver=85687 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-3a51"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/228761217f7ae80db449745678a8868e.js?ver=8868e
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/228761217f7ae80db449745678a8868e.js?ver=8868e
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/228761217f7ae80db449745678a8868e.js?ver=8868e HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-1f6e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/017678f7be6acce55acb3ce223acea89.css?ver=cea89
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/017678f7be6acce55acb3ce223acea89.css?ver=cea89
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/017678f7be6acce55acb3ce223acea89.css?ver=cea89 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-6eab1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/bf6b402edd6e318434d8ed3a98f68d18.js?ver=68d18
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/bf6b402edd6e318434d8ed3a98f68d18.js?ver=68d18
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/bf6b402edd6e318434d8ed3a98f68d18.js?ver=68d18 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-5591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/4daf6a49bfe0ceddab2742a2e900e5e5.js?ver=0e5e5
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/4daf6a49bfe0ceddab2742a2e900e5e5.js?ver=0e5e5
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/4daf6a49bfe0ceddab2742a2e900e5e5.js?ver=0e5e5 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-72c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/774c673283d8ea02a97f7e817c0c3495.js?ver=c3495
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/774c673283d8ea02a97f7e817c0c3495.js?ver=c3495
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/774c673283d8ea02a97f7e817c0c3495.js?ver=c3495 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-24098"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/76e1778098fa1abf4ada6bd5a8ca87b0.js?ver=a87b0
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/76e1778098fa1abf4ada6bd5a8ca87b0.js?ver=a87b0
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/76e1778098fa1abf4ada6bd5a8ca87b0.js?ver=a87b0 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-49e1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/3353f45ca4eee890a42b63ff2026ceac.js?ver=6ceac
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/3353f45ca4eee890a42b63ff2026ceac.js?ver=6ceac
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/3353f45ca4eee890a42b63ff2026ceac.js?ver=6ceac HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-53e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/css/a60d6e38c57fec93e8b172bf8c36eae0.css?ver=6eae0
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/css/a60d6e38c57fec93e8b172bf8c36eae0.css?ver=6eae0
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/css/a60d6e38c57fec93e8b172bf8c36eae0.css?ver=6eae0 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-e1f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-includes/js/jquery/jquery.min.js
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-includes/js/jquery/jquery.min.js
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 23 Jul 2022 09:49:58 GMT
vary: Accept-Encoding
etag: W/"62dbc446-15db1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
patinvietnam.com/wp-content/litespeed/js/a0db1180955b21cde8163fd5bea09074.js?ver=09074
14.225.27.194 200 OK 0 B URL HTTP/2 patinvietnam.com/wp-content/litespeed/js/a0db1180955b21cde8163fd5bea09074.js?ver=09074
IP 14.225.27.194:0
ASN #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/litespeed/js/a0db1180955b21cde8163fd5bea09074.js?ver=09074 HTTP/1.1
Host: patinvietnam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patinvietnam.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 04:06:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 04 Sep 2022 01:13:32 GMT
vary: Accept-Encoding
etag: W/"6313fbbc-bdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2