Report - www.ngon.cc/

Report Overview

Submitted URL
www.ngon.cc/
IP
3.1.17.18
ASN
#16509 AMAZON-02
Submitted
2023-03-22 15:33:46
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-25T22:19:37Z	6.9 kB	209 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
www.ngon.cc	unknown			784 B	1.5 kB	18.140.6.45
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-26T05:32:55Z	348 B	1.2 kB	104.18.32.68
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-26T05:09:33Z	1.1 kB	3.0 kB	54.230.80.227
a.ladipage.com	59666	2020-08-14T04:05:09Z	2023-03-25T11:26:43Z	1.3 kB	1.5 kB	3.1.188.160
w.ladicdn.com	44911	2019-05-31T05:28:28Z	2023-03-25T11:26:43Z	4.4 kB	5.6 MB	138.199.37.229
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	2.4 kB	6.2 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	2.4 kB	4.9 kB	216.58.211.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-26T06:22:54Z	488 B	15 kB	172.217.21.170
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	52.35.19.71
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-26T05:32:55Z	1.7 kB	4.8 kB	104.18.32.68
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	58 kB	34.120.237.76
static.ladipage.net	149891	2017-02-02T11:19:13Z	2023-03-25T11:26:43Z	429 B	382 B	54.255.65.148

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-22 15:33:40	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 15:33:40	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-22 15:33:41	low	52.76.101.124	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	www.ngon.cc/	1.5 kB	2023-03-26	2023-03-26
Pretty URL www.ngon.cc/ IP 18.140.6.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:17:30 Last Seen2023-03-26 14:17:30 Times Seen1 Hash e0a2ed62b74e48c687f1af2109bfab73 3d5685ecf7743b720733d420968aa371875f9c66 a4233889262f9a48aaf33f63720f3b1313af934280d0b76eb288a34caced7a10 Loading...

	w.ladicdn.com/v2/source/ladipagev3.min.js?v=1679489703593	317 kB	2023-03-26	2023-03-29
Pretty URL w.ladicdn.com/v2/source/ladipagev3.min.js?v=1679489703593 IP 138.199.37.229 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:17:30 Last Seen2023-03-29 22:13:15 Times Seen2 Hash 2064c69660ef882adbbd7ffd804518ed 7d0919ab3e9ff4bf38ce7f305332be3a09584613 054cd6a77b16710847c146ad4354e717eb13885b4df0046d8bc13a63b478abc3 Loading...

	www.ngon.cc/	1.2 kB	2023-03-07	2024-01-05
Pretty URL www.ngon.cc/ IP 18.140.6.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:26 Last Seen2024-01-05 05:53:05 Times Seen54 Hash b06b2c6ce725a610df9f02bd955457d6 78af8f699c62269846a128bbb61ff47875569a39 e216035e33b2746d3f093a98d57e307f50189589a2438b1fa9cbef440bbe8a96 Loading...

	www.ngon.cc/	2.1 kB	2023-03-26	2023-12-01
Pretty URL www.ngon.cc/ IP 18.140.6.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:02:15 Last Seen2023-12-01 15:45:30 Times Seen17 Hash e9c2b73a6089b07f8d04b4e516d9c883 d3aba029a0e54e44580506a6fd33bff6cf76893c 620861481da2f7fff83bd2589be6af9c685ecce7411074387e34864f35b50511 Loading...

HTTP Transactions (64)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ec332b81a27117ce9c16b67a5a8e4fac b6d2afa2c859d000ad830d3d8d73f57bac6ffce2 1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F" Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13594 Expires: Wed, 22 Mar 2023 19:20:08 GMT Date: Wed, 22 Mar 2023 15:33:34 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 65fc860bc043f3fb83bdc3debdcd322d 418010755deae099ef1284e402813c5837a10f42 d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9525 Expires: Wed, 22 Mar 2023 18:12:19 GMT Date: Wed, 22 Mar 2023 15:33:34 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 51a5d4696a6090c295850554508b51ce c44e143c2223546e64b19f543b8101aaf3b11e97 8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10291 Expires: Wed, 22 Mar 2023 18:25:05 GMT Date: Wed, 22 Mar 2023 15:33:34 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 22 Mar 2023 15:27:30 GMT content-type: application/json age: 364 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: 7VicSze2g/0tAskOYtxd7dD9JOlv9VVu6YDKwbmqsgKhaOiBBX+IzweXrPyD2x1dBFVf0u+fu40= x-amz-request-id: 26TJ1YBPYWB8W2X6 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 22 Mar 2023 14:53:40 GMT age: 2394 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 22 Mar 2023 15:33:35 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	www.ngon.cc/	18.140.6.45	301 Moved Permanently	166 B
URL HTTP/1.1 www.ngon.cc/ IP 18.140.6.45:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 166 B (166 bytes) Hash 3ea1c8d079b38532a6e01a96216ba5e2 598d3ff91d3e252f1e13df8cf0348b270ff2da3f 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691 HTTP Headers `GET / HTTP/1.1 Host: www.ngon.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: openresty Date: Wed, 22 Mar 2023 15:33:35 GMT Content-Type: text/html Content-Length: 166 Connection: keep-alive Location: https://www.ngon.cc/`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 22 Mar 2023 15:17:23 GMT age: 972 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 18b877ebbad1529e4bd91e12220d91c4 a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc 7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5496 Expires: Wed, 22 Mar 2023 17:05:11 GMT Date: Wed, 22 Mar 2023 15:33:35 GMT Connection: keep-alive`

	zerossl.ocsp.sectigo.com/	104.18.32.68	200 OK	728 B
URL HTTP/1.1 zerossl.ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 728 B (728 bytes) Hash 04f147ee9de910e0d00ff209d664734b 921ed122697f2b26d11e25779ca79ef95a2bf378 6b10102b482e061a14c34eccf83f8e2d03c71e4632c5840bacfb88f2c66a6797 HTTP Headers `POST / HTTP/1.1 Host: zerossl.ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 22 Mar 2023 15:33:35 GMT Content-Type: application/ocsp-response Content-Length: 728 Connection: keep-alive Last-Modified: Mon, 20 Mar 2023 13:06:24 GMT Expires: Mon, 27 Mar 2023 13:06:23 GMT Etag: "921ed122697f2b26d11e25779ca79ef95a2bf378" Cache-Control: max-age=422567,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7abf7e7209c9b4ed-OSL`

	push.services.mozilla.com/	52.35.19.71	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.35.19.71:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: QzxM3Ex850pRSG7eESow4Q== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: N+Dv0T16T+ormODJZLeKENqtbiA=`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 06adbc463c1bafb4b79a2d2f10791ef8 30a6d093719f89764805f62102b0a07c493016a0 64000d2bedca454efa1fc2de6083ca06cb3e94b33565427ba9ac7c9345a926fb HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 22 Mar 2023 15:33:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 342da587101df62e3e8f03dc4a87f93d 897c40f31b24adf281b804bbca7f0ffba5b86816 f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 22 Mar 2023 15:33:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0086fc6b6b52670b2d7ca51fc65d8d44 1d906db50d0373e0e3e1e85031de970218264f4d 24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 22 Mar 2023 15:33:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0086fc6b6b52670b2d7ca51fc65d8d44 1d906db50d0373e0e3e1e85031de970218264f4d 24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 22 Mar 2023 15:33:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0086fc6b6b52670b2d7ca51fc65d8d44 1d906db50d0373e0e3e1e85031de970218264f4d 24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 22 Mar 2023 15:33:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0086fc6b6b52670b2d7ca51fc65d8d44 1d906db50d0373e0e3e1e85031de970218264f4d 24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 22 Mar 2023 15:33:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	142.250.74.163	200 OK	45 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Size 45 kB (44856 bytes) Hash 565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db HTTP Headers `GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 44856 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 10:05:58 GMT expires: Fri, 15 Mar 2024 10:05:58 GMT cache-control: public, max-age=31536000 age: 538058 last-modified: Mon, 15 Aug 2022 18:20:18 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/niramit/v10/I_uuMpWdvgLdNxVLXb1akxCv.woff2	142.250.74.163	200 OK	9.6 kB
URL HTTP/2 fonts.gstatic.com/s/niramit/v10/I_uuMpWdvgLdNxVLXb1akxCv.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 9580, version 1.0\012- data Size 9.6 kB (9580 bytes) Hash f0568343d8aa3a9c4bab203a17527c88 e4b0985fbe921bc83e4ad745d3977f48ff8b39a9 76d3c822b9b3bf91d7a978b726345230d413a03044d2ddee4c7bd16c4986f11b HTTP Headers `GET /s/niramit/v10/I_uuMpWdvgLdNxVLXb1akxCv.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 05:20:11 GMT expires: Fri, 15 Mar 2024 05:20:11 GMT cache-control: public, max-age=31536000 last-modified: Mon, 09 May 2022 18:47:38 GMT content-type: font/woff2 age: 555205 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2	142.250.74.163	200 OK	12 kB
URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 11724, version 1.0\012- data Size 12 kB (11724 bytes) Hash e65a22778da0d148c4b2e5622381eeb5 1588442e1a3df4b766c986312e8feb13ef075088 51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291 HTTP Headers GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 11724 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 10:06:11 GMT expires: Fri, 15 Mar 2024 10:06:11 GMT cache-control: public, max-age=31536000 age: 538045 last-modified: Wed, 27 Apr 2022 16:50:36 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Open%20Sans:bold,regular\|Roboto:bold,regular\|Niramit:bold,regular\|Source%20Sans%20Pro:bold,regular&display=swap	172.217.21.170	200 OK	14 kB
URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:bold,regular\|Roboto:bold,regular\|Niramit:bold,regular\|Source%20Sans%20Pro:bold,regular&display=swap IP 172.217.21.170:0 ASN #15169 GOOGLE File type data Size 14 kB (14078 bytes) Hash dbb221c34fce9d2c936e1f07c3e2eb56 01bc39ef19dc54a6bcd50b937fbc0755e83572a2 87e7461f31e1b68908fdc8a0517e8494d53e37aab66e08d5b014d53e7c414d61 HTTP Headers `GET /css?family=Open%20Sans:bold,regular\|Roboto:bold,regular\|Niramit:bold,regular\|Source%20Sans%20Pro:bold,regular&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 22 Mar 2023 15:33:36 GMT date: Wed, 22 Mar 2023 15:33:36 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2	142.250.74.163	200 OK	12 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data Size 12 kB (11824 bytes) Hash deb26e9b1a25438118e5d39d741ae6b6 a2801defb4c8bed8e4083dfde0b2a5a9c0537020 fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 11824 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 15 Mar 2023 22:12:03 GMT expires: Thu, 14 Mar 2024 22:12:03 GMT cache-control: public, max-age=31536000 age: 580893 last-modified: Wed, 11 May 2022 19:24:43 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2	142.250.74.163	200 OK	12 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data Size 12 kB (11872 bytes) Hash 87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 11872 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 11:42:05 GMT expires: Fri, 15 Mar 2024 11:42:05 GMT cache-control: public, max-age=31536000 age: 532291 last-modified: Wed, 11 May 2022 19:25:01 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2	142.250.74.163	200 OK	31 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data Size 31 kB (31320 bytes) Hash 3fe71527811fbfedd2c07962e1bc49e7 f63e158a0480c5d711b5e268db0e75e57d87a8a5 24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95 HTTP Headers `GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 31320 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 11:42:47 GMT expires: Fri, 15 Mar 2024 11:42:47 GMT cache-control: public, max-age=31536000 age: 532249 last-modified: Mon, 15 Aug 2022 18:11:37 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/niramit/v10/I_uuMpWdvgLdNxVLXbNakw.woff2	142.250.74.163	200 OK	12 kB
URL HTTP/2 fonts.gstatic.com/s/niramit/v10/I_uuMpWdvgLdNxVLXbNakw.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 11708, version 1.0\012- data Size 12 kB (11708 bytes) Hash 465495a168f14ec53087a47fe934e145 82f5d9ffff444ca191adb2022333fb38c0ec3bc3 2a8e7cec571d881c355a091193b101b76049364be1bc3fc1a60cf5c7ceccea95 HTTP Headers `GET /s/niramit/v10/I_uuMpWdvgLdNxVLXbNakw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 11708 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 14:16:27 GMT expires: Thu, 21 Mar 2024 14:16:27 GMT cache-control: public, max-age=31536000 age: 4629 last-modified: Mon, 09 May 2022 18:53:17 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2	142.250.74.163	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size 16 kB (15860 bytes) Hash e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 11:57:31 GMT expires: Fri, 15 Mar 2024 11:57:31 GMT cache-control: public, max-age=31536000 age: 531365 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.163	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size 16 kB (15744 bytes) Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 03:13:04 GMT expires: Fri, 15 Mar 2024 03:13:04 GMT cache-control: public, max-age=31536000 age: 562832 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/niramit/v10/I_uuMpWdvgLdNxVLXbxakxCv.woff2	142.250.74.163	200 OK	3.5 kB
URL HTTP/2 fonts.gstatic.com/s/niramit/v10/I_uuMpWdvgLdNxVLXbxakxCv.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 3536, version 1.0\012- data Size 3.5 kB (3536 bytes) Hash ce59a3bab102a836a396cc51e8087e09 4cdc233044fc33f74ace503bfe241d9d4533389c 8c48f326437f5f73f41b63a818e41bc69f75dd024baa1f3628aee6b75f309fee HTTP Headers `GET /s/niramit/v10/I_uuMpWdvgLdNxVLXbxakxCv.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 3536 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 19 Mar 2023 21:29:38 GMT expires: Mon, 18 Mar 2024 21:29:38 GMT cache-control: public, max-age=31536000 last-modified: Mon, 09 May 2022 18:45:24 GMT content-type: font/woff2 age: 237838 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0086fc6b6b52670b2d7ca51fc65d8d44 1d906db50d0373e0e3e1e85031de970218264f4d 24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 22 Mar 2023 15:33:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2	142.250.74.163	200 OK	4.1 kB
URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 4136, version 1.0\012- data Size 4.1 kB (4136 bytes) Hash 2ec081d7bdf9ed3aa2881dc4e6d5b479 91d3530453b803c2ace16b1c0d466e4ae25ba7f0 4de44eab29462e426981eca31a2e82331fbc494e64633889321a3b8db175527c HTTP Headers GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmBduz8A.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 4136 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 16 Mar 2023 00:58:36 GMT expires: Fri, 15 Mar 2024 00:58:36 GMT cache-control: public, max-age=31536000 age: 570900 last-modified: Wed, 27 Apr 2022 16:14:13 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash e5fde783e53caf488a648b8fcf616d0d d817eef95cf2fab49dfef4084f2b008371ce94fb 53546a182ab4a2de546b611ee76b69907558b832f9d0c3299f2e0826c83a1041 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 22 Mar 2023 15:33:36 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 22 Mar 2023 07:14:57 GMT Expires: Wed, 29 Mar 2023 07:14:56 GMT Etag: "d817eef95cf2fab49dfef4084f2b008371ce94fb" Cache-Control: max-age=574279,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7abf7e762934b50b-OSL`

	ocsp.sectigo.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash e5fde783e53caf488a648b8fcf616d0d d817eef95cf2fab49dfef4084f2b008371ce94fb 53546a182ab4a2de546b611ee76b69907558b832f9d0c3299f2e0826c83a1041 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 22 Mar 2023 15:33:36 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 22 Mar 2023 07:14:57 GMT Expires: Wed, 29 Mar 2023 07:14:56 GMT Etag: "d817eef95cf2fab49dfef4084f2b008371ce94fb" Cache-Control: max-age=574279,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7abf7e774f3ab4eb-OSL`

	w.ladicdn.com/s500x400/6321cc37ed921900143d909f/logo-zalo-20230318052552-w7v9p.png	138.199.37.229	200 OK	9.9 kB
URL HTTP/2 w.ladicdn.com/s500x400/6321cc37ed921900143d909f/logo-zalo-20230318052552-w7v9p.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 357 x 115, 8-bit/color RGBA, non-interlaced\012- data Size 9.9 kB (9948 bytes) Hash 7aaeecd51ac5ccc614337208c8e5d2b2 0415fac8f0c04879cb978378c4170ccfd1645db2 e65cce1592246f283fabc8e8a3a32009834a036b0375dbeca552517e83078d5d HTTP Headers `GET /s500x400/6321cc37ed921900143d909f/logo-zalo-20230318052552-w7v9p.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/png content-length: 9948 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "64185d63-26dc" last-modified: Mon, 20 Mar 2023 13:19:31 GMT cdn-storageserver: NY-267 cdn-requestpullsuccess: True cdn-fileserver: 267 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/20/2023 16:07:39 cdn-edgestorageid: 1079 cdn-status: 200 cdn-requestid: 2661a657a8b8a2b593a1b946ed50343d cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2	142.250.74.163	200 OK	14 kB
URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 14040, version 1.0\012- data Size 14 kB (14040 bytes) Hash eadd44d829d43ddf48870c2073f1a7ca fc04b04f37e0988001c81be96bca33c4d866450f 84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6 HTTP Headers GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 14040 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 15 Mar 2023 17:47:55 GMT expires: Thu, 14 Mar 2024 17:47:55 GMT cache-control: public, max-age=31536000 age: 596741 last-modified: Mon, 15 Aug 2022 18:14:42 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2	142.250.74.163	200 OK	5.6 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data Size 5.6 kB (5560 bytes) Hash ca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 5560 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 13:49:19 GMT expires: Thu, 21 Mar 2024 13:49:19 GMT cache-control: public, max-age=31536000 age: 6257 last-modified: Wed, 11 May 2022 19:24:41 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2	142.250.74.163	200 OK	5.5 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP 142.250.74.163:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 5548, version 1.0\012- data Size 5.5 kB (5548 bytes) Hash cdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9 HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.ngon.cc Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 5548 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 19 Mar 2023 17:43:24 GMT expires: Mon, 18 Mar 2024 17:43:24 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:45 GMT content-type: font/woff2 age: 251412 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	w.ladicdn.com/s600x600/6321cc37ed921900143d909f/shadow-samsung-20230317163902-oqwqw.png	138.199.37.229	200 OK	26 kB
URL HTTP/2 w.ladicdn.com/s600x600/6321cc37ed921900143d909f/shadow-samsung-20230317163902-oqwqw.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 679 x 600, 8-bit/color RGBA, non-interlaced\012- data Size 26 kB (25771 bytes) Hash b0be81a6ea44083accb3e2bcb9b4a787 bac078a5e3759344ca236920865f92e02c3c2a5d b05257f9ca543558c9f4b2cb82c86dda7f785d9a6d305d5edeba763e2b889aac HTTP Headers `GET /s600x600/6321cc37ed921900143d909f/shadow-samsung-20230317163902-oqwqw.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/png content-length: 25771 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "64149b45-64ab" last-modified: Fri, 17 Mar 2023 16:54:29 GMT cdn-storageserver: NY-346 cdn-requestpullsuccess: True cdn-fileserver: 427 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/19/2023 18:01:27 cdn-edgestorageid: 1075 cdn-status: 200 cdn-requestid: e3ab51171c4cb2c09ba3abdc951017e8 cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	w.ladicdn.com/s500x600/6321cc37ed921900143d909f/samsung-3-20230317163902-gqc4z.png	138.199.37.229	200 OK	186 kB
URL HTTP/2 w.ladicdn.com/s500x600/6321cc37ed921900143d909f/samsung-3-20230317163902-gqc4z.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 500 x 852, 8-bit/color RGBA, non-interlaced\012- data Size 186 kB (185469 bytes) Hash 0dad49acdc9ce3c56def2ab96bc7a3d5 1daed93e12a91568f3d477e38518682f2558f072 ddf2699eca4e97c7155f42854e389f12a52d8e527fb43388a206f965858b1e66 HTTP Headers `GET /s500x600/6321cc37ed921900143d909f/samsung-3-20230317163902-gqc4z.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/png content-length: 185469 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "64149b47-2d47d" last-modified: Fri, 17 Mar 2023 16:54:31 GMT cdn-storageserver: NY-267 cdn-requestpullsuccess: True cdn-fileserver: 427 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/19/2023 18:01:27 cdn-edgestorageid: 860 cdn-status: 200 cdn-requestid: 5f89963fff2060445aed981d713a0899 cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	w.ladicdn.com/s550x700/6321cc37ed921900143d909f/samsung-20230317165301-qn7dc.png	138.199.37.229	200 OK	579 kB
URL HTTP/2 w.ladicdn.com/s550x700/6321cc37ed921900143d909f/samsung-20230317165301-qn7dc.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 550 x 1021, 8-bit/color RGBA, non-interlaced\012- data Size 579 kB (579214 bytes) Hash e1708f7caafffda8fab6f352d32257c8 b0dc4a178ab837d2af1796f74b29eb22456fd0b0 4dc5261d510b9dcfa73fd34d850bdf5c14c01e1f90eab1f17d1a1f125a26664f HTTP Headers `GET /s550x700/6321cc37ed921900143d909f/samsung-20230317165301-qn7dc.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/png content-length: 579214 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "64149b46-8d68e" last-modified: Fri, 17 Mar 2023 16:54:30 GMT cdn-storageserver: NY-427 cdn-requestpullsuccess: True cdn-fileserver: 267 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/19/2023 18:01:27 cdn-edgestorageid: 863 cdn-status: 200 cdn-requestid: 00c814aad830b91a3d4cdcecd7ea188d cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	w.ladicdn.com/s500x600/6321cc37ed921900143d909f/samsung-2-20230317163902-k_8bo.png	138.199.37.229	200 OK	420 kB
URL HTTP/2 w.ladicdn.com/s500x600/6321cc37ed921900143d909f/samsung-2-20230317163902-k_8bo.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 500 x 837, 8-bit/color RGBA, non-interlaced\012- data Size 420 kB (420525 bytes) Hash 623341e1d4010c3bfaa8f7edc032d30d 76a77f9ec2a5b8aa7f3d82bc8f514d4d6cdada86 10b00c05e7c091d08608f219c1c8e1472849d30e2489a463e72524e005ca6d79 HTTP Headers `GET /s500x600/6321cc37ed921900143d909f/samsung-2-20230317163902-k_8bo.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/png content-length: 420525 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "64149b46-66aad" last-modified: Fri, 17 Mar 2023 16:54:30 GMT cdn-storageserver: NY-430 cdn-requestpullsuccess: True cdn-fileserver: 354 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/19/2023 18:01:27 cdn-edgestorageid: 1076 cdn-status: 200 cdn-requestid: f60b1d8d57c869a7a8a0a41f3f2348ee cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash e5fde783e53caf488a648b8fcf616d0d d817eef95cf2fab49dfef4084f2b008371ce94fb 53546a182ab4a2de546b611ee76b69907558b832f9d0c3299f2e0826c83a1041 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 22 Mar 2023 15:33:36 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 22 Mar 2023 07:14:57 GMT Expires: Wed, 29 Mar 2023 07:14:56 GMT Etag: "d817eef95cf2fab49dfef4084f2b008371ce94fb" Cache-Control: max-age=574279,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7abf7e777b54b50b-OSL`

	w.ladicdn.com/s550x650/6321cc37ed921900143d909f/iphone-copy-20230317142216-3mnry.png	138.199.37.229	200 OK	352 kB
URL HTTP/2 w.ladicdn.com/s550x650/6321cc37ed921900143d909f/iphone-copy-20230317142216-3mnry.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 550 x 829, 8-bit/color RGBA, non-interlaced\012- data Size 352 kB (352234 bytes) Hash 239ce92698a5ae260d6e960622292dd7 cc531bbde506de600cdb5da6361a8b600b21997b cfdb3b18bc030e823141c003af1ea55dbcb06d367e12d99d53b9f941906af766 HTTP Headers `GET /s550x650/6321cc37ed921900143d909f/iphone-copy-20230317142216-3mnry.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/png content-length: 352234 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "641480bb-55fea" last-modified: Fri, 17 Mar 2023 15:01:15 GMT cdn-storageserver: NY-427 cdn-requestpullsuccess: True cdn-fileserver: 266 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/19/2023 18:01:27 cdn-edgestorageid: 864 cdn-status: 200 cdn-requestid: 177c02824e7770df35319abb4ec8d2f3 cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash e5fde783e53caf488a648b8fcf616d0d d817eef95cf2fab49dfef4084f2b008371ce94fb 53546a182ab4a2de546b611ee76b69907558b832f9d0c3299f2e0826c83a1041 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 22 Mar 2023 15:33:36 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 22 Mar 2023 07:14:57 GMT Expires: Wed, 29 Mar 2023 07:14:56 GMT Etag: "d817eef95cf2fab49dfef4084f2b008371ce94fb" Cache-Control: max-age=574279,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7abf7e777d371c0e-OSL`

	w.ladicdn.com/s450x400/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png	138.199.37.229	200 OK	2.0 MB
URL HTTP/2 w.ladicdn.com/s450x400/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 1920 x 1676, 8-bit/color RGBA, interlaced\012- data Size 2.0 MB (2013267 bytes) Hash 4f1fc1ff24d08a5ae366301a981217c8 46e0e6c9cddd3608cdeb19301478b37867c89533 62cc081e11111472da9842f767873e5ef6ddb9400c9c95965a872f8f74b2d771 HTTP Headers `GET /s450x400/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/png content-length: 2013267 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "64186177-1eb853" last-modified: Mon, 20 Mar 2023 13:36:55 GMT cdn-storageserver: NY-427 cdn-requestpullsuccess: True cdn-fileserver: 563 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/20/2023 16:07:40 cdn-edgestorageid: 1048 cdn-status: 200 cdn-requestid: 4544c3b04a8b5d44125aef85c97fef1c cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash e5fde783e53caf488a648b8fcf616d0d d817eef95cf2fab49dfef4084f2b008371ce94fb 53546a182ab4a2de546b611ee76b69907558b832f9d0c3299f2e0826c83a1041 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 22 Mar 2023 15:33:36 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Wed, 22 Mar 2023 07:14:57 GMT Expires: Wed, 29 Mar 2023 07:14:56 GMT Etag: "d817eef95cf2fab49dfef4084f2b008371ce94fb" Cache-Control: max-age=574279,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7abf7e778806b503-OSL`

	w.ladicdn.com/s768x593/57b167c9ca57d39c18a1c57c/7-928521.jpg	138.199.37.229	200 OK	12 kB
URL HTTP/2 w.ladicdn.com/s768x593/57b167c9ca57d39c18a1c57c/7-928521.jpg IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type JPEG image data, baseline, precision 8, 1050x593, components 3\012- data Size 12 kB (11914 bytes) Hash d2c24bb21a23650fe3b41a99e3f1cc15 bdf2763b99df6ad190e8cc910f061120168dca1f aae52246002b103d5c6e3c36663e4574403e7842a43dc76b4872cfe6f11273c0 HTTP Headers `GET /s768x593/57b167c9ca57d39c18a1c57c/7-928521.jpg HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: image/jpeg content-length: 11914 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "6418629b-2e8a" last-modified: Mon, 20 Mar 2023 13:41:47 GMT cdn-storageserver: NY-427 cdn-requestpullsuccess: True cdn-fileserver: 427 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/20/2023 16:07:39 cdn-edgestorageid: 752 cdn-status: 200 cdn-requestid: fcf9c8f9da3e0c512638e4f0bfb54de1 cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12440 Expires: Wed, 22 Mar 2023 19:00:57 GMT Date: Wed, 22 Mar 2023 15:33:37 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12440 Expires: Wed, 22 Mar 2023 19:00:57 GMT Date: Wed, 22 Mar 2023 15:33:37 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12440 Expires: Wed, 22 Mar 2023 19:00:57 GMT Date: Wed, 22 Mar 2023 15:33:37 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ccef074-5c97-4b5e-842d-b01d7dc45627.jpeg	34.120.237.76	200 OK	3.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ccef074-5c97-4b5e-842d-b01d7dc45627.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.1 kB (3100 bytes) Hash 4f9aef2e82d471b00bdf191d1e955492 e1d36f5481258ce121d9f41b4b868d1c9c1b2f06 c09128e3010f6f2e3e4ccbe4b4920ba55e46ce2cde0c51eedb7779cd92add9f2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ccef074-5c97-4b5e-842d-b01d7dc45627.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3100 x-amzn-requestid: 10971eed-ede1-4e8a-bfd0-ff9028b54792 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJqOpHeNoAMFn2A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a23f7-12abbd6a4d0ada441f378fa9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:03 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: QXCRb_HI9cbKAVPYlRTKc77WZ1EVE9XKD6HVd5RtWRAiRaQiR3lz3A== via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 22:09:39 GMT etag: "e1d36f5481258ce121d9f41b4b868d1c9c1b2f06" content-type: image/jpeg age: 62638 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10480 bytes) Hash 6f0b9e85381489dcf646c251722b21d4 5f7ea91288a2170bcabdca6be296718c4191eacd 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10480 x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJptHG7JoAMFSwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: hqGFdT1Sk0IcvaNqfvjz5RsGBK-qMBcNKbK9FyZ7OoiH30hDL9ekxA== via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 22:09:39 GMT age: 62638 etag: "5f7ea91288a2170bcabdca6be296718c4191eacd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10407 bytes) Hash 2062cf7a271d4ac7a04c0a746d443e07 3343851f2128c5f1fe4302c2aa53e8ce1fb661ac e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10407 x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJqJhGnXIAMF1yA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 0o5WYZHvY_8BBGYe5Nc8R4wywGaEn5C71XI7vc_ScMv7GixtP9LyTw== via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 22:01:15 GMT age: 63142 etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg	34.120.237.76	200 OK	9.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.5 kB (9459 bytes) Hash 412bd6aea60211324e649d7d920601d2 a813976bda850a584b5ab94d9a70bfe0da69aca0 d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9459 x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJqmAEhHoAMFgRQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: akl7ASh6hPewrlTjOxORbQRIcBbIHLM9JQgMexhgsiPqc1OarfnPHw== via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:47:59 GMT age: 63938 etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg	34.120.237.76	200 OK	8.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.0 kB (8037 bytes) Hash aeb0d8069d746e467fecd886c0e42628 8229b537f84a7418dc67e30691e62db4cea67f0f 24705dc5b7eefd79a35323beee7c741aa041c3bf55801d13b4ffc2b202e6a394 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8037 x-amzn-requestid: 7a9f7bb5-d810-4831-b5d2-3eead1af864a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJprcGY1IAMFSAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-53cdee4b645ed18e1dfeb92c;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: QW8T5AGg_L1mT4fE8IHeBG9TSiGpbBJpZE2yZdBtAQMJCPV8OKK5Dw== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:47:59 GMT etag: "8229b537f84a7418dc67e30691e62db4cea67f0f" content-type: image/jpeg age: 63938 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (9954 bytes) Hash 10b246700a68864e2e13eb3a2362a2ab 5aa62479325a9cb5e70e4c9b8423880a7e39272a f8e4416ac4d95566b93f4e875033af06178f95787819086eead9620f72fe680e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bad98da-6135-4f42-b2ae-18c876c9d5b5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9954 x-amzn-requestid: d768546f-e640-4cdb-a089-3bb4e93a8237 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJqOpFFkoAMFZNQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a23f7-3fbd266a6c23aaa26ce8df54;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:03 GMT x-amz-cf-pop: HIO52-P1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: 1cygBrmAdFw7JGzw1iLe3_vTocGJd7xgLUSpAXyWsUFU70WM_fwteA== via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 9825a45e2b387a61504c0c3df20048ee.cloudfront.net (CloudFront), 1.1 google date: Tue, 21 Mar 2023 21:44:20 GMT age: 64157 etag: "5aa62479325a9cb5e70e4c9b8423880a7e39272a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 87013570a74a09a8b5ecfa41547cfe8d bb412174ae1cab9175a84c61cae69b625fb1b471 57409efed1404cc4c323c9df67aaeff84e9282ff3cb43d017c6cec8328a3cacd HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=94399 Date: Wed, 22 Mar 2023 15:33:37 GMT Etag: "6419d4ab-1d7" Expires: Thu, 23 Mar 2023 17:46:56 GMT Last-Modified: Tue, 21 Mar 2023 16:00:43 GMT Server: ECAcc (nya/7899) X-Cache: Miss from cloudfront Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 9FvMjQjBub_f4BYh-T5Ruxytu7vO4r5al8b74SETNbiC5vc9-LVVeQ== Age: 6373

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 87013570a74a09a8b5ecfa41547cfe8d bb412174ae1cab9175a84c61cae69b625fb1b471 57409efed1404cc4c323c9df67aaeff84e9282ff3cb43d017c6cec8328a3cacd HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=90641 Date: Wed, 22 Mar 2023 15:33:37 GMT Etag: "6419d4ab-1d7" Expires: Thu, 23 Mar 2023 16:44:18 GMT Last-Modified: Tue, 21 Mar 2023 16:00:43 GMT Server: ECAcc (dcb/7343) X-Cache: Miss from cloudfront Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 09KpJ0m118wf__yzsnKBplkWkMSCXs2UOeBV2lhvw3BntjHCzcDHSA== Age: 2615

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 2ebd030dda258fd273427d19318ed2bd a96b82f50149aa41def3735bebebfcf44cb24242 ddc1b9d405dbad09c5b09d602760efed99373b8d5cba1eb456a7ea220f74d6e9 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=157709 Date: Wed, 22 Mar 2023 15:33:37 GMT Etag: "641ade74-1d7" Expires: Fri, 24 Mar 2023 11:22:06 GMT Last-Modified: Wed, 22 Mar 2023 10:54:44 GMT Server: ECAcc (dcb/7EB2) X-Cache: Miss from cloudfront Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: -jPbo9KPZIIMCkW2dhGdnQG0mJgkJCw81eqF_NtMsIB81HHtbTd8HQ== Age: 1642

	static.ladipage.net/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png	54.255.65.148	301 Moved Permanently	134 B
URL HTTP/2 static.ladipage.net/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png IP 54.255.65.148:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 134 B (134 bytes) Hash 4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a HTTP Headers `GET /6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png HTTP/1.1 Host: static.ladipage.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 301 Moved Permanently server: awselb/2.0 date: Wed, 22 Mar 2023 15:33:37 GMT content-type: text/html content-length: 134 location: https://w.ladicdn.com:443/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png X-Firefox-Spdy: h2`

	w.ladicdn.com/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png	138.199.37.229	200 OK	2.0 MB
URL HTTP/2 w.ladicdn.com/6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type PNG image data, 1920 x 1676, 8-bit/color RGBA, interlaced\012- data Size 2.0 MB (2013267 bytes) Hash 4f1fc1ff24d08a5ae366301a981217c8 46e0e6c9cddd3608cdeb19301478b37867c89533 62cc081e11111472da9842f767873e5ef6ddb9400c9c95965a872f8f74b2d771 HTTP Headers `GET /6321cc37ed921900143d909f/logo-03-20230317145508-fyepy.png HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.ngon.cc/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:37 GMT content-type: image/png content-length: 2013267 server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO access-control-allow-origin: * access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control: public, max-age=31919000 etag: "6415d41c-1eb853" last-modified: Sat, 18 Mar 2023 15:09:16 GMT cdn-storageserver: NY-266 cdn-requestpullsuccess: True cdn-fileserver: 563 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/19/2023 18:01:29 cdn-edgestorageid: 1078 cdn-status: 200 cdn-requestid: c69d1a5151e137d196737d7d26f060c8 cdn-cache: HIT accept-ranges: bytes X-Firefox-Spdy: h2

	www.ngon.cc/	52.76.101.124	200 OK	0 B
URL HTTP/2 www.ngon.cc/ IP 52.76.101.124:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: www.ngon.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK server: openresty date: Wed, 22 Mar 2023 15:33:36 GMT content-type: text/html; charset=utf-8 vary: Accept-Encoding cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 set-cookie: LADI_DNS_CHECK="2023-03-22 15:33:36.056297408 +0000 UTC m=+1335312.741135843"; Expires=Sat, 19 Mar 2033 15:33:36 GMT LADI_CLIENT_ID=34dbe007-8496-4aca-4d2a-00b5d5a2c02a; Expires=Sat, 19 Mar 2033 15:33:36 GMT LADI_PAGE_VIEW=0; Expires=Sat, 19 Mar 2033 15:33:36 GMT LADI_FORM_SUBMIT=0; Expires=Sat, 19 Mar 2033 15:33:36 GMT LADI_PAGE_VIEW=1; Expires=Sat, 19 Mar 2033 15:33:36 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0 LADI_CAMP_CONFIG=; Max-Age=0 LADI_CAMP_END_DATE=; Max-Age=0 LADI_FUNNEL_NEXT_URL=; Max-Age=0 LADI_FUNNEL_PREV_URL=; Max-Age=0 statuscode: 200 content-encoding: gzip X-Firefox-Spdy: h2

	w.ladicdn.com/v2/source/ladipagev3.min.js?v=1679489703593	138.199.37.229	200 OK	0 B
URL HTTP/2 w.ladicdn.com/v2/source/ladipagev3.min.js?v=1679489703593 IP 138.199.37.229:0 ASN #60068 Datacamp Limited File type Size 0 B (0 bytes) Hash HTTP Headers `GET /v2/source/ladipagev3.min.js?v=1679489703593 HTTP/1.1 Host: w.ladicdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:36 GMT content-type: text/javascript server: BunnyCDN-DE1-865 cdn-pullzone: 575124 cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba cdn-requestcountrycode: NO vary: Accept-Encoding, Accept-Encoding cache-control: public, max-age=31919000 etag: W/"641afc2d-4d7ee" last-modified: Wed, 22 Mar 2023 13:01:33 GMT cdn-storageserver: NY-430 cdn-requestpullsuccess: True cdn-fileserver: 426 perma-cache: HIT cdn-proxyver: 1.03 cdn-requestpullcode: 200 cdn-cachedat: 03/22/2023 13:06:28 cdn-edgestorageid: 1081 cdn-status: 200 cdn-requestid: fc9fa55e5b3ddc506bc346151aee743f cdn-cache: HIT content-encoding: br X-Firefox-Spdy: h2

	a.ladipage.com/event	3.1.188.160	200 OK	0 B
URL HTTP/2 a.ladipage.com/event IP 3.1.188.160:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers OPTIONS /event HTTP/1.1 Host: a.ladipage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Referer: https://www.ngon.cc/ Origin: https://www.ngon.cc Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:37 GMT content-type: application/json; charset=utf-8 x-frame-options: SAMEORIGIN x-xss-protection: 0 x-content-type-options: nosniff x-download-options: noopen access-control-allow-origin: * access-control-allow-methods: POST, OPTIONS access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-max-age: 2592000 vary: Accept-Encoding content-encoding: gzip X-Firefox-Spdy: h2

	a.ladipage.com/event	3.1.188.160	200 OK	0 B
URL HTTP/2 a.ladipage.com/event IP 3.1.188.160:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers POST /event HTTP/1.1 Host: a.ladipage.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json LADI_CLIENT_ID: 34dbe007-8496-4aca-4d2a-00b5d5a2c02a LADI_PAGE_VIEW: 1 LADI_FORM_SUBMIT: 0 LADI_CAMP_ID: LADI_CAMP_NAME: LADI_CAMP_TYPE: LADI_CAMP_TARGET_URL: LADI_CAMP_ORIGIN_URL: LADI_CAMP_PAGE_VIEW: 0 LADI_CAMP_FORM_SUBMIT: 0 Content-Length: 208 Origin: https://www.ngon.cc Connection: keep-alive Referer: https://www.ngon.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Wed, 22 Mar 2023 15:33:37 GMT content-type: text/plain; charset=utf-8 x-frame-options: SAMEORIGIN x-xss-protection: 0 x-content-type-options: nosniff x-download-options: noopen access-control-allow-origin: * access-control-allow-methods: POST, OPTIONS access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-max-age: 2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (64)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type