Report - khuyenmai.xn--napth-fsa.vn/

Report Overview

Submitted URL
khuyenmai.xn--napth-fsa.vn/
IP
172.67.130.253
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-31 01:19:22
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-05-30	422 B	20 kB	151.101.1.229
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-05-30	358 B	1.9 kB	104.18.20.226
khuyenmai.xn--napth-fsa.vn	unknown	unknown	2023-01-31	2023-05-02	4.5 kB	411 kB	104.21.9.183
ocsps.ssl.com	14517	1997-05-23	2018-11-21	2023-05-30	981 B	6.6 kB	34.237.184.165
cdngarenanow-a.akamaihd.net	6968	2009-09-14	2017-01-31	2023-05-26	2.8 kB	218 kB	23.36.76.187
cdn.vn.garenanow.com	74387	2010-09-27	2013-11-06	2023-05-26	460 B	55 kB	203.162.56.72
cdn-gop.garenanow.com	unknown	2010-09-27	2023-01-26	2023-05-20	459 B	75 kB	27.126.192.213

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/
2023-05-30	medium	khuyenmai.xn--napth-fsa.vn/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/sweetalert2@11	66 kB	2023-05-31	2023-05-31
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 03:19:24 Last Seen2023-05-31 09:47:24 Times Seen4 Hash b77b911187acf7dbc43e51e5045b35aa 3b39df9072b502d7ea4d8312e915adb406b06c96 1e2d57894744e595312535ead1879d7de297311acd389e8d15ae8fd12aaf6b6f Loading...

	khuyenmai.xn--napth-fsa.vn/js/kensine.js	101 kB	2023-03-10	2023-11-10
Pretty URL khuyenmai.xn--napth-fsa.vn/js/kensine.js IP 104.21.9.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:06:45 Last Seen2023-11-10 04:52:42 Times Seen128 Hash 08e463af2e6c57ce1f3e897d41886f30 3aab4b4023019ee6f4df0b804afa76efad8e7f1d fd64d6b99d7adb77f3670043ff1db3729d758130e130c25702d74eccb67c5eb0 Loading...

	khuyenmai.xn--napth-fsa.vn/	888 B	2023-04-07	2023-10-21
Pretty URL khuyenmai.xn--napth-fsa.vn/ IP 104.21.9.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 19:09:26 Last Seen2023-10-21 02:13:37 Times Seen57 Hash 67816ee8dfaa29771f32a6c39f1f8ed6 448ac4cf2ed3e91386299e1775f976efa7d1d58b 2d87a833d894f1fbceeb19f3e146895b4a79423a9fa058ae6989eed55da609a0 Loading...

	khuyenmai.xn--napth-fsa.vn/	2 B	2023-03-07	2024-04-19
Pretty URL khuyenmai.xn--napth-fsa.vn/ IP 104.21.9.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-19 15:45:34 Times Seen13037 Hash e1c06d85ae7b8b032bef47e42e4c08f9 71853c6197a6a7f222db0f1978c7cb232b87c5ee 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Loading...

	khuyenmai.xn--napth-fsa.vn/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL khuyenmai.xn--napth-fsa.vn/js/jquery-3.2.1.min.js IP 104.21.9.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:33 Last Seen2024-04-19 11:20:38 Times Seen975 Hash 27a8f25e65bfe1872ebd62e021a0c6ca 9f835084914c0f4403a080fb7de4abe0d210adf8 d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f Loading...

	khuyenmai.xn--napth-fsa.vn/js/bootstrap.min.js	37 kB	2023-03-07	2023-10-23
Pretty URL khuyenmai.xn--napth-fsa.vn/js/bootstrap.min.js IP 104.21.9.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:08:42 Last Seen2023-10-23 04:33:35 Times Seen172 Hash 35e78bb2df69fc12053f9778e2ff2a93 ae8c8a930fd890ee61a9c82a7e85dd22918db7a6 9c7467cb2e579a31a8c0ab41c8557559bf538340fbb8632f6aa2b977aa22bf0a Loading...

	khuyenmai.xn--napth-fsa.vn/js/custom1.js	268 B	2023-03-10	2023-10-21
Pretty URL khuyenmai.xn--napth-fsa.vn/js/custom1.js IP 104.21.9.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:06:45 Last Seen2023-10-21 02:13:37 Times Seen69 Hash 175c9ac94d0be26a710753e511f92f05 1ebc0453ec709a50ae46fb9de4d5e6a642f46331 9f43bd89f34459391987b8760a4f36c308914bd71a49f0abade5ad9743dc4681 Loading...

HTTP Transactions (23)

URL IP Response Size

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.1.229

200 OK

19 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (43741)
Size
19 kB (19362 bytes)
Hash
b77b911187acf7dbc43e51e5045b35aa
3b39df9072b502d7ea4d8312e915adb406b06c96
1e2d57894744e595312535ead1879d7de297311acd389e8d15ae8fd12aaf6b6f

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.9
x-jsd-version-type: version
etag: W/"ffbe-OznfkHK1AtfqTYMS6RWttAawbJY"
content-encoding: br
accept-ranges: bytes
date: Wed, 31 May 2023 01:19:05 GMT
age: 6075
x-served-by: cache-fra-eddf8230029-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19362
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

1.5 kB

URL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
495b914f4eed6617b7b0b5dba1510971
9d59419d0cba23bff0c89124cc2d059241f8b855
0fd3c4e815e002f7842720e12fe5dde177ab3dfeeab5ad5281211ddd503978d8

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 31 May 2023 01:19:05 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F2776D76B6811E1F3E3B351F687FE7D6EF757E86"
Expires: Wed, 31 May 2023 12:00:00 GMT
Last-Modified: Wed, 31 May 2023 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1003
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cfb62fb7aff1c06-OSL

khuyenmai.xn--napth-fsa.vn/images/logo.png

104.21.9.183

200 OK

5.2 kB

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/images/logo.png
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
PNG image data, 436 x 116, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5162 bytes)
Hash
354ed116f25561b4e435946a16c22de2
8763e63fa09f70464fd18a829c567dc937c8568d
2b0c37cc261fda4df56b59985c7f620d201b621dffbd6f52f01be61d020e8ad5

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: image/png
content-length: 5162
cache-control: public, max-age=2629000
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6Z%2F%2BdVQ7IPClcJVmRcsqdKYG3CdKuBHamRCD1Q4oclpjgOKa9hhKJd7l3WSv7HnXrCg66bdsY4gnd42H%2FFlN7UoRESOnnXOaZfvf%2FR5IMXu70Mx9fKjZFML0VD7eC%2BwX68Qm4Po5cmBlx8VJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cfb62f96b63fabc-OSL
alt-svc: h3=":443"; ma=86400

ocsps.ssl.com/

34.237.184.165

1.8 kB

URL
ocsps.ssl.com/
IP
34.237.184.165:0
ASN
#14618 AMAZON-AES

File type
data
Size
1.8 kB (1810 bytes)
Hash
216b78feb7a82eba5b10f82c6751893e
f9b9badb0d8b12990c623f50cd6ed00117c2ab13
27cb691f6ba6e291a2c68a1cd894f6eae77cc345e28addd6052c272283ec3dd9

HTTP Headers

POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 May 2023 01:19:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Tue, 06 Jun 2023 10:42:13 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "f9b9badb0d8b12990c623f50cd6ed00117c2ab13"
Last-Modified: Tue, 30 May 2023 10:42:14 GMT
X-Proxy-Cache: HIT

ocsps.ssl.com/

34.237.184.165

1.8 kB

URL
ocsps.ssl.com/
IP
34.237.184.165:0
ASN
#14618 AMAZON-AES

File type
data
Size
1.8 kB (1810 bytes)
Hash
bdf4ffd6a66491dc4f104c6b0d045d1e
bddfa52873f8edd60aa943cd02fe3f564aad2052
d0bdaee66dd8336152812d5147d8096f39ac37443122768bfea0d6ddd1c1f055

HTTP Headers

POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 May 2023 01:19:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Tue, 06 Jun 2023 10:17:08 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "bddfa52873f8edd60aa943cd02fe3f564aad2052"
Last-Modified: Tue, 30 May 2023 10:17:09 GMT
X-Proxy-Cache: HIT

cdngarenanow-a.akamaihd.net/gop/app/0000/100/072/icon.png

23.36.76.187

12 kB

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/100/072/icon.png
IP
23.36.76.187:0
ASN
#20940 Akamai International B.V.

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12165 bytes)
Hash
a58ef4bec336f80c4d6d1e58e26f2fb7
7b4b5d9c33e509ae408b7853835ea6bc7822a596
02210273cd394a40ec9850a02dfafea17d058d04d1bd3d8687a4ae6178a4b2db

HTTP Headers

GET /gop/app/0000/100/072/icon.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "a58ef4bec336f80c4d6d1e58e26f2fb7:1542179331.50711"
last-modified: Wed, 14 Nov 2018 07:08:51 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 12165
date: Wed, 31 May 2023 01:19:06 GMT
vary: Accept-Encoding
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdngarenanow-a.akamaihd.net/gop/app/0000/032/834/icon.png

23.36.76.187

53 kB

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/032/834/icon.png
IP
23.36.76.187:0
ASN
#20940 Akamai International B.V.

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
53 kB (53269 bytes)
Hash
92f2987585b785d88aed9ecd039534cf
8d9cb36f66ed90ce88783a2d4717e2b181297b4d
4683513a85305378b605de1cf15e8140b6ec6341b6664404a2bde9af04a73caa

HTTP Headers

GET /gop/app/0000/032/834/icon.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "92f2987585b785d88aed9ecd039534cf:1503629912"
last-modified: Fri, 25 Aug 2017 02:58:32 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 53269
date: Wed, 31 May 2023 01:19:06 GMT
vary: Accept-Encoding
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

khuyenmai.xn--napth-fsa.vn/

104.21.9.183

200 OK

14 kB

URL User Request GET HTTP/2
khuyenmai.xn--napth-fsa.vn/
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (563), with CRLF line terminators
Size
14 kB (13959 bytes)
Hash
0480d71bb5eced34aab810b1adccaa2b
768023721293aa8324cf774cd930b8e6ff9bff6d
e93e4032aa104d19c56d5e409e13c5125fc552fff9e763db74828015f74b6ebf

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET / HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 31 May 2023 01:19:04 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMIzkWeo09MZg%2BiI79X4ESfhQzw7JlapKugGlIRltM2HfFHDjNJoyfQ8EQMDYq7a2%2BkrLgZGo5urjjsUvhjWpgV%2BmS%2FLM6MiOpKlgMFebVSbE1m6J0aJNpzyWzc0zWqERfAST1upniYnLM3xjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f49ec1b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdngarenanow-a.akamaihd.net/gop/app/0000/100/054/icon.png

23.36.76.187

74 kB

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/100/054/icon.png
IP
23.36.76.187:0
ASN
#20940 Akamai International B.V.

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
74 kB (73720 bytes)
Hash
5ed302fed9de61563070b6c9845ff2bf
6887ebc061e2ab337b524013eb0459ab95c1bf7b
bb3a9d9ed98e02a9e0f740c05a20df1f7063872ae053c2e46acb0a481a774aa3

HTTP Headers

GET /gop/app/0000/100/054/icon.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "5ed302fed9de61563070b6c9845ff2bf:1678953773.742484"
last-modified: Thu, 16 Mar 2023 08:02:53 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 73720
date: Wed, 31 May 2023 01:19:06 GMT
vary: Accept-Encoding
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdngarenanow-a.akamaihd.net/gop/app/0000/100/067/icon.png

23.36.76.187

70 kB

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/100/067/icon.png
IP
23.36.76.187:0
ASN
#20940 Akamai International B.V.

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (70257 bytes)
Hash
3b6afdcdc22bc913270e091dab48db3b
b44f5b93d69c683fc78c38d51e49e5b1bad356f1
c4d12cbc5277e03492a166819b4413d39d0e299634e811f0c613a4a36c3fba00

HTTP Headers

GET /gop/app/0000/100/067/icon.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "3b6afdcdc22bc913270e091dab48db3b:1679560791.583104"
last-modified: Thu, 23 Mar 2023 08:39:51 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 70257
date: Wed, 31 May 2023 01:19:06 GMT
vary: Accept-Encoding
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdngarenanow-a.akamaihd.net/gop/app/0000/032/837/icon.png

23.36.76.187

6.4 kB

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/032/837/icon.png
IP
23.36.76.187:0
ASN
#20940 Akamai International B.V.

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6424 bytes)
Hash
e36b7de9f03353fb9617300c072fd150
92482899011963bc323b90ad68d2f86da46d43cd
33e31fd4441010b4d2480d0e760dfc9af8138b6e2d71d57d9917a85890da0b75

HTTP Headers

GET /gop/app/0000/032/837/icon.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "e36b7de9f03353fb9617300c072fd150:1529456455.786054"
last-modified: Wed, 20 Jun 2018 01:00:55 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 6424
date: Wed, 31 May 2023 01:19:06 GMT
vary: Accept-Encoding
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.vn.garenanow.com/web/napthevn/sp_pc_15092022.jpg

203.162.56.72

200 OK

55 kB

URL GET HTTP/1.1
cdn.vn.garenanow.com/web/napthevn/sp_pc_15092022.jpg
IP
203.162.56.72:443
ASN
#7643 Vietnam Posts and Telecommunications VNPT

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerSSL Corporation
Subjectcdn.vn.garenanow.com
Fingerprint4D:25:AB:22:6C:32:4E:35:93:76:95:B9:69:85:72:12:53:DD:67:EC
ValidityThu, 17 Nov 2022 02:54:32 GMT - Fri, 17 Nov 2023 02:54:32 GMT

File type
JPEG image data, progressive, precision 8, 900x100, components 3\012- data
Size
55 kB (54724 bytes)
Hash
838dd26f091aa816a3b05600ec88bd6f
82a26d8ad89767d47b1b194e6776413dfa10184e
5df88ec3e4a298c1006832cbf2b510786b4b66192339f5f10fe239e00ab27b0b

HTTP Headers

GET /web/napthevn/sp_pc_15092022.jpg HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 May 2023 01:19:06 GMT
Content-Type: image/jpeg
Content-Length: 54724
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 09:20:21 GMT
ETag: "63243fd5-d5c4"
X-Cache-Status: HIT
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

ocsps.ssl.com/

34.237.184.165

1.8 kB

URL
ocsps.ssl.com/
IP
34.237.184.165:0
ASN
#14618 AMAZON-AES

File type
data
Size
1.8 kB (1810 bytes)
Hash
b71a2cf267a87e6ef4a8413248ce15e2
ced5d71193a1a1c19358e0950b9893ca07caad1a
679c0ed6d3471e292188d8dd5b99747cd3417f92b3c9edcc17d4afa933e5d4b7

HTTP Headers

POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 May 2023 01:19:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1810
Connection: keep-alive
Expires: Tue, 06 Jun 2023 11:38:39 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "ced5d71193a1a1c19358e0950b9893ca07caad1a"
Last-Modified: Tue, 30 May 2023 11:38:40 GMT
X-Proxy-Cache: HIT

cdn-gop.garenanow.com/gop/app/0000/100/137/icon.png

27.126.192.213

200 OK

75 kB

URL GET HTTP/1.1
cdn-gop.garenanow.com/gop/app/0000/100/137/icon.png
IP
27.126.192.213:443
ASN
#45474 NEXUSGUARD LIMITED

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerSSL Corporation
Subjectcdn-gop.garenanow.com
Fingerprint0C:C7:DD:A0:87:28:4A:35:4F:6C:DA:85:07:CF:8E:6B:E2:1C:EE:8A
ValidityWed, 15 Mar 2023 03:29:59 GMT - Thu, 14 Mar 2024 03:29:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
75 kB (74636 bytes)
Hash
0d1b65b3079f4492e80e8ed8d2bb2d75
4acbb1d95a69ea64d2e6d48c7aad5400efa3611b
cf684a15363b57bc1951fd8fd9d77a9bb5f255f48ca703e894a87b584a1dd2e4

HTTP Headers

GET /gop/app/0000/100/137/icon.png HTTP/1.1
Host: cdn-gop.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 000001886F63260D98135C822FCA0985
Accept-Ranges: bytes
ETag: "0d1b65b3079f4492e80e8ed8d2bb2d75"
Last-Modified: Mon, 09 Jan 2023 07:39:12 GMT
Content-Type: image/png
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS4Fv0HdzrjOfO97GSQbLjj4GU+lACvo
Date: Wed, 31 May 2023 01:19:08 GMT
Content-Length: 74636
Access-Control-Allow-Origin: *

khuyenmai.xn--napth-fsa.vn/js/jquery-3.2.1.min.js

104.21.9.183

200 OK

87 kB

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/js/jquery-3.2.1.min.js
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32058), with CRLF line terminators
Size
87 kB (86661 bytes)
Hash
27a8f25e65bfe1872ebd62e021a0c6ca
9f835084914c0f4403a080fb7de4abe0d210adf8
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /js/jquery-3.2.1.min.js HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: application/javascript
cache-control: public, max-age=3600
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgdkPhGKXn%2Fh2oju48ID2pIBEEgQKVH1lZYnbt9pll7nv5VfOsgFa8s8xKBP%2B3%2BaVZym7aL7ExFjBautoWBg%2FZcRf%2F%2BdyOvdRChuPteKzAVYID%2Ffod4nXMsl1uNZjcPT8GIn48sYvDP5KUoEEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f94b58fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

khuyenmai.xn--napth-fsa.vn/js/bootstrap.min.js

104.21.9.183

200 OK

37 kB

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/js/bootstrap.min.js
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32039), with CRLF line terminators
Size
37 kB (37061 bytes)
Hash
35e78bb2df69fc12053f9778e2ff2a93
ae8c8a930fd890ee61a9c82a7e85dd22918db7a6
9c7467cb2e579a31a8c0ab41c8557559bf538340fbb8632f6aa2b977aa22bf0a

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: application/javascript
cache-control: public, max-age=3600
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKxMnc4XK1IuUdRdjg9YSH8%2B3rWqapSKSA6iArfYUiKZJRBpI4RRVY1YZb8Mg9KJiVXtlvHFDi5%2BCTHMiqRDLJ%2BHutLlEtdhHlsequZz3FvN8QMsj8RFIgvMifb4MGc5qcUWalnrDtDmnXBvqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f94b5bfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

khuyenmai.xn--napth-fsa.vn/js/custom1.js

104.21.9.183

200 OK

268 B

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/js/custom1.js
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
268 B (268 bytes)
Hash
39a2f96030c5fa13ef9161348d905709
c39f9067d98b90278c45fb28564b543f161b70c5
11f8994c46b7f014551ab310acbe2497571d05de5ceffcb42a03aec4f7de3d5e

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /js/custom1.js HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: application/javascript
cache-control: public, max-age=3600
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uimq%2Fe6HHr%2B3pUbrvedjQpdgIOc9V0w0bGRE0vhH6SC805dMePK7ROE1C1rrOey0Ebwr6BzFi3M6rX6fd3%2FnLgeIHF1x6gIg8NarhEIOVeujr75FMqpU%2BN5shZxm1Ka8E6Fg2AduMi8%2BXA1AfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f95b61fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

khuyenmai.xn--napth-fsa.vn/js/kensine.js

104.21.9.183

200 OK

101 kB

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/js/kensine.js
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
101 kB (101004 bytes)
Hash
08e463af2e6c57ce1f3e897d41886f30
3aab4b4023019ee6f4df0b804afa76efad8e7f1d
fd64d6b99d7adb77f3670043ff1db3729d758130e130c25702d74eccb67c5eb0

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /js/kensine.js HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: application/javascript
cache-control: public, max-age=3600
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PtBJdW3aRM8cmmxWJ6TUtc%2FuWLueh%2BJA3yaO4FdutBtQXptUjPe%2FizrEFSFpT4bXRODtG6VROBcsMHWvxP08LsPucrMUCztwJSKroJ%2FJQiUb7ZZ6YPmpQhI%2BFPDPeTjBW8G1OA36FYUN%2BxbEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f95b62fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdngarenanow-a.akamaihd.net/gop/app/0000/010/090/icon.png

0.0.0.0

0 B

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/010/090/icon.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gop/app/0000/010/090/icon.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "f766555b87e010a5ccfe4a8a79f8fb67:1490238457"
last-modified: Thu, 23 Mar 2017 03:07:32 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 10247
date: Wed, 31 May 2023 01:19:06 GMT
vary: Accept-Encoding
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

khuyenmai.xn--napth-fsa.vn/images/favicon.ico

104.21.9.183

200 OK

4.5 kB

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/images/favicon.ico
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
PNG image data, 70 x 70, 8-bit/color RGB, non-interlaced\012- data
Size
4.5 kB (4454 bytes)
Hash
5fe97698c227d02ccb2284389b884175
b44c10d4a58ece5d6255775d85012f7c75ac6b2f
22a8e20cec6c4cd83c7446bfad7377d371a8a5b8d89bbdb74daa0dea2bcea549

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:07 GMT
content-type: image/x-icon
cache-control: public, max-age=2629000
expires: Wed, 07 Jun 2023 01:19:06 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhIYdDzetJYGYH9qXmPCwjxU9pm6dvvBq%2FbKumHCSdA3hYZt12uQdOAc9PfSlcMsYPOK0V5%2B2yVIrbG7%2FUI7BEwCE2czMYx%2FEO2TuC5%2FQ5QwfIvqP12oyNZbz3KPzR2cs6GxsnOtx1C78Q3Xbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb63021d05fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

khuyenmai.xn--napth-fsa.vn/css/bootstrap.min.css

104.21.9.183

200 OK

150 kB

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/css/bootstrap.min.css
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (399)
Size
150 kB (149830 bytes)
Hash
1fa2640288b4602af26f8beacaef55c1
5702361c035dfc572d953fe343e9649c38a89c9c
90aeafaae0b8e4ca9a3bca40b981950c2183102721b41a3e89045f32264b2299

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: text/css
cache-control: public, max-age=3600
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNrwOgnQD25%2Fi6VG3qBctYeOB74i0du%2BpPZIhcguaKHfBpUaqXNjJVpKxSQQ9oolwkJcXcryl1a4KWvDXmIYu4uN1GamCvvI%2Fp0rO47BIXxgetQ%2B7Up8iHTGKXMF8tg0JdAV5bMBCZ2NwU8%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f93b55fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

khuyenmai.xn--napth-fsa.vn/css/napthe1.css

104.21.9.183

200 OK

420 B

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/css/napthe1.css
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (494), with no line terminators
Size
420 B (420 bytes)
Hash
851f393a07c2b9cec30b27d933bbc50f
753b200e5bc599f4cbedfcd0b0a7e09880174b28
6d20e0a4d1e0a3d77d539c680ae2a5f4fb1ddf7921367cb3d98a56dd8116250a

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /css/napthe1.css HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: text/css
cache-control: public, max-age=3600
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrkE6RGuD3L%2B4x7%2FJWQosNo9p5iewjFoolt%2BsGzsi10%2BvHtPIYukE9oMEpIL5Ayfsk14IQ7TpBo0jA4EIV5No4szvULsDHB1U0fjgs94ye3%2FNJG0Z6hXO3A4tfVH0sJBaOPZH1iFeTj86vtcHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f93b56fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

khuyenmai.xn--napth-fsa.vn/css/style.css

104.21.9.183

200 OK

5.3 kB

URL GET HTTP/3
khuyenmai.xn--napth-fsa.vn/css/style.css
IP
104.21.9.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khuyenmai.xn--napth-fsa.vn/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1A:9D:31:74:12:88:0E:F8:DB:CA:7A:FD:7C:4E:27:8A:AC:30:D3:86
ValidityTue, 31 Jan 2023 00:00:00 GMT - Tue, 30 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5658), with no line terminators
Size
5.3 kB (5308 bytes)
Hash
b210240980fa2c1d3b6ec6b2012f205f
9d223550718b9dc4159cff525b43335f987667f7
c992b5b88810d0b64b71632a512e010c5199c31cfcd32f078ed80d541e537911

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /css/style.css HTTP/1.1
Host: khuyenmai.xn--napth-fsa.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khuyenmai.xn--napth-fsa.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 31 May 2023 01:19:05 GMT
content-type: text/css
cache-control: public, max-age=3600
expires: Wed, 07 Jun 2023 01:19:05 GMT
last-modified: Wed, 01 Feb 2023 05:21:16 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlNiYqop2T45nC3TVycdmtvubZApRa0s%2F3W4730uI%2FDwRIGrcURlGOjCPyfiF%2FlPVPiMn3NkfQrerOwoGKNxUTN4yByfgR%2B%2FtZTLPqM21iHMK1tp6cPCNU%2F1%2BqnP9aDtNTVK%2FOnw26RkMf9HEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cfb62f93b57fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (23)

URL GET HTTP/2

IP

ASN

Requested by