Report - congnapfreefire.com/

Report Overview

Submitted URL
congnapfreefire.com/
IP
70.32.23.63
ASN
#55293 A2HOSTING
Submitted
2022-09-15 23:08:27
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
congnapfreefire.com	unknown			5.3 kB	296 kB	70.32.23.63
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-17T08:44:25Z	374 B	63 kB	142.250.74.72
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-17T10:40:56Z	814 B	757 B	142.250.74.3
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	44.242.41.15
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-17T10:38:51Z	4.4 kB	106 kB	142.250.74.163
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T10:42:19Z	329 B	737 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	53 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.49
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	4.6 kB	9.8 kB	142.250.74.3
www.google.com	7	2015-05-10T13:11:19Z	2023-03-17T10:46:21Z	367 B	16 kB	142.250.74.164
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-17T11:35:34Z	830 B	2.0 kB	216.58.207.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-15	medium	congnapfreefire.com/	Phishing
2022-09-15	medium	congnapfreefire.com/js/napthe.js	Phishing
2022-09-15	medium	congnapfreefire.com/js/bootstrap.js	Phishing
2022-09-15	medium	congnapfreefire.com/js/jquery-3.2.1.min.js	Phishing
2022-09-15	medium	congnapfreefire.com/images/freefire-icon.webp	Phishing
2022-09-15	medium	congnapfreefire.com/fonts/fontawesome-webfont.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	congnapfreefire.com/	320 B	2023-03-17	2023-03-17
Pretty URL congnapfreefire.com/ IP 70.32.23.63 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:29:37 Last Seen2023-03-17 12:29:37 Times Seen1 Hash 21fc74efcd88717934de4d4c4299a722 32b0e9374c45c05e2ed6bfa910a7c5574728963b 20118a586dc513f8da8e12ce1424f329255485048b03471b3cf6d62024397e97 Loading...

	congnapfreefire.com/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-05-11
Pretty URL congnapfreefire.com/js/jquery-3.2.1.min.js IP 70.32.23.63 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-11 04:21:40 Times Seen65857 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	congnapfreefire.com/js/napthe.js	2.3 kB	2023-03-07	2023-03-17
Pretty URL congnapfreefire.com/js/napthe.js IP 70.32.23.63 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:55 Last Seen2023-03-17 12:29:54 Times Seen1 Hash 2637148cd194b68c423ccfe266c4ff34 2ee1ec6dba7690924f5666576aa2e66cf0c474f4 61c2fabcd25254743602e13e34229ae325c1ac9e7a7e46001722d63461e7ab87 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/452193219/?random=1663283282139&cv=9&fst=1663283282139&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&auid=1856289341.1663283282&hn=www.google.com&async=1&rfmt=3&fmt=4	2.4 kB	2023-03-17	2023-03-17
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/452193219/?random=1663283282139&cv=9&fst=1663283282139&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&auid=1856289341.1663283282&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:29:37 Last Seen2023-03-17 12:29:37 Times Seen1 Hash 603ef87f7a2cd45b3fcf74adffae4d94 39056a1ca2c5e55ebe910a09181ce27848cb60b8 ffca3176321c89b942e214bed6373370dd4b8020af27523c35dd44bd0fce3c7a Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 05:02:18 Times Seen37534879 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	congnapfreefire.com/	153 B	2023-03-07	2023-03-17
Pretty URL congnapfreefire.com/ IP 70.32.23.63 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:39:47 Last Seen2023-03-17 12:29:37 Times Seen1 Hash 2437552132f6260a7e5ea5c1a00cae96 82db043de74bc3a0014fb1bdd0453bbf4da8b954 80c5a9506cb2ab882d9ab8ab696b1f0e1636caa408654371bb85f29eb93a847a Loading...

	congnapfreefire.com/	43 B	2023-03-17	2023-03-17
Pretty URL congnapfreefire.com/ IP 70.32.23.63 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:29:37 Last Seen2023-03-17 12:29:37 Times Seen1 Hash 3b61d1b7016ccfbbe7644c3a85cfc5d0 5ec7b919ecaee0386d6b8a4f1ef2103975cea0f0 3170762cb498a94c32145185fad87a961af2738d927008b0d16297dcd765b669 Loading...

	congnapfreefire.com/js/bootstrap.js	49 kB	2023-03-07	2024-05-01
Pretty URL congnapfreefire.com/js/bootstrap.js IP 70.32.23.63 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:55 Last Seen2024-05-01 19:17:01 Times Seen396 Hash fe1457ee36b1ce754d11d5708492c960 03efb6335562caf52cb91eb3e7c2f5f18c62fb96 65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33 Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:19 Last Seen2023-03-17 12:30:23 Times Seen1 Hash 70049e468e315dbffce0c07753fca6f9 6c1cb5e25675de7746ed7dbb4d103aba9faabea0 94cc0d6d41e4b4bcde2f4f3d6292224215a698f20ffe7915c04cb55146537266 Loading...

HTTP Transactions (62)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 22:10:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vF_dFtGjGupBdXh97y_BO0FKcdUTHvwuL4-e9b4tjMT83OE18pTS7A==
Age: 3457

congnapfreefire.com/

70.32.23.63

200 OK

6.1 kB

URL HTTP/1.1
congnapfreefire.com/
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (709), with CRLF line terminators
Size
6.1 kB (6107 bytes)
Hash
cdc27d420f12dc917f849e2e5301e822
a111778f815d682227e6df2b8ec102df6098437b
bf25dd2f0dc32745962b675a7b269b4b256bf0ab70803ded9546765057cb687b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 Jul 2022 00:45:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600, must-revalidate
Content-Length: 6107
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14785
Expires: Fri, 16 Sep 2022 03:14:41 GMT
Date: Thu, 15 Sep 2022 23:08:16 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DChbGV0HTA8sWO3vu8YxNV0JKzV8nWuE1qD5qRm25xUiiucfQadDig==
age: 66781
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 23:08:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

congnapfreefire.com/css/font-awesome.min.css

70.32.23.63

200 OK

7.1 kB

URL HTTP/1.1
congnapfreefire.com/css/font-awesome.min.css
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7053 bytes)
Hash
52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 7053
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

congnapfreefire.com/css/bootstrap.css

70.32.23.63

200 OK

6.9 kB

URL HTTP/1.1
congnapfreefire.com/css/bootstrap.css
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (37034)
Size
6.9 kB (6872 bytes)
Hash
813e4768325a9bcae3216efc104f635e
aeb2ce489ab2704eb0fcc3b7521b10983f085dd6
556db755bfe00bc1e206187490ed1efb97bd58d2fab97d1f5948c54e930747b4

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 6872
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: text/css

www.googletagmanager.com/gtag/js?id=AW-452193219

142.250.74.72

200 OK

62 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-452193219
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3013)
Size
62 kB (61870 bytes)
Hash
a5d45da33348a273314ea252a33cea56
2434c9740770b045d0b572c674d7a9e4b552edde
0432aec6763e8227929c72f77c59d82cc162c1c1577fb37e1089062136356a0c

HTTP Headers

GET /gtag/js?id=AW-452193219 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 23:08:17 GMT
expires: Thu, 15 Sep 2022 23:08:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 61870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

congnapfreefire.com/css/style.css

70.32.23.63

200 OK

6.0 kB

URL HTTP/1.1
congnapfreefire.com/css/style.css
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
ASCII text, with CRLF line terminators
Size
6.0 kB (5974 bytes)
Hash
1a63d3bf4f16a4979c33ff4e3ece1a5d
5faeb0635b2ee9c7754bfc4b2ec9d647e5438433
58ad900fba6c8a3a64b0957e2dde1c2ac6242ba3426aa7131611563893321595

HTTP Headers

GET /css/style.css HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Sun, 10 Jul 2022 15:28:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 5974
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: text/css

congnapfreefire.com/js/napthe.js

70.32.23.63

200 OK

759 B

URL HTTP/1.1
congnapfreefire.com/js/napthe.js
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
Unicode text, UTF-8 text
Size
759 B (759 bytes)
Hash
534a637e0d9342c532cb6c46a390aaa7
8ae8475649b5a0ef8e54b2930503f12f4802fd12
7c125695a5a3b70a4ed69fc2621b62fe8ee3af03fd1f74b52ebb103f26078ec1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/napthe.js HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 759
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: application/javascript

congnapfreefire.com/js/bootstrap.js

70.32.23.63

200 OK

13 kB

URL HTTP/1.1
congnapfreefire.com/js/bootstrap.js
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (48664)
Size
13 kB (13075 bytes)
Hash
365f894482202f8fdd96767d6cf998ba
30cde30beedfb67469b9f639b804fc9aeed5a4f7
7dc3c0729bb46b66f95f8fdfd75ff5a6e7704063a0c7d83e90d5e566a7bf8715

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/bootstrap.js HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 13075
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: application/javascript

congnapfreefire.com/js/jquery-3.2.1.min.js

70.32.23.63

200 OK

30 kB

URL HTTP/1.1
congnapfreefire.com/js/jquery-3.2.1.min.js
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (32058)
Size
30 kB (30138 bytes)
Hash
3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.2.1.min.js HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 30138
Keep-Alive: timeout=3, max=500
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

congnapfreefire.com/images/email-300x51.png

70.32.23.63

200 OK

4.7 kB

URL HTTP/1.1
congnapfreefire.com/images/email-300x51.png
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
PNG image data, 300 x 51, 8-bit colormap, non-interlaced\012- data
Size
4.7 kB (4665 bytes)
Hash
42c385ecb9e6d40eb46749ffe1900c84
420306d4b2ada28e36a752b938eb8a2f6a177e36
d0e2614f7d32ad0dfb0f5b46447b30dc690b61aa56c5d141471d1198e26af1ce

HTTP Headers

GET /images/email-300x51.png HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 4665
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/png

congnapfreefire.com/images/wa-300x51.png

70.32.23.63

200 OK

4.9 kB

URL HTTP/1.1
congnapfreefire.com/images/wa-300x51.png
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
PNG image data, 300 x 51, 8-bit colormap, non-interlaced\012- data
Size
4.9 kB (4875 bytes)
Hash
6728fb7e1cafe182e67067055a3ffa73
c8dc1a63f0b679597240757f3cc95b0fed5e1cc6
0fc0de0466bd2e077318448bd8580cefe1470065ad1fcc80f5b23265481f3e53

HTTP Headers

GET /images/wa-300x51.png HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 4875
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/png

congnapfreefire.com/images/fb-300x51.png

70.32.23.63

200 OK

6.2 kB

URL HTTP/1.1
congnapfreefire.com/images/fb-300x51.png
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
PNG image data, 300 x 51, 8-bit/color RGB, non-interlaced\012- data
Size
6.2 kB (6168 bytes)
Hash
315381517fbc4afca13b1de4e8ab8cf1
792df3171f54faa8b38b4be67c64a56f01507c09
38fc8f95ed135c20a3bbf67ea11932102638abb363e803d84851e2149b4a4b39

HTTP Headers

GET /images/fb-300x51.png HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 6168
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2

142.250.74.163

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data
Size
14 kB (14380 bytes)
Hash
33543c5cc5d88f5695dd08c87d280dfd
600db9374e47e4f73a59ccc0a99bcc42f4a3e02a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

HTTP Headers

GET /s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14380
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 22:39:30 GMT
expires: Tue, 12 Sep 2023 22:39:30 GMT
cache-control: public, max-age=31536000
age: 260927
last-modified: Tue, 23 Jul 2019 19:30:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2

142.250.74.163

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11708, version 1.0\012- data
Size
12 kB (11708 bytes)
Hash
63f785f075cfde69c82083dfed7415b2
48d7da82ec7146b7296c3c6ccbea087b9d809a3b
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145

HTTP Headers

GET /s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 21:59:29 GMT
expires: Mon, 11 Sep 2023 21:59:29 GMT
cache-control: public, max-age=31536000
age: 349728
last-modified: Tue, 23 Jul 2019 19:30:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15640, version 1.0\012- data
Size
16 kB (15640 bytes)
Hash
6b222561afc4a71b9888f2ec060b72de
8c65d3b85a37264f4378e61cbf37ebad1adc02fb
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

HTTP Headers

GET /s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 10:12:04 GMT
expires: Sat, 09 Sep 2023 10:12:04 GMT
cache-control: public, max-age=31536000
age: 564973
last-modified: Tue, 23 Jul 2019 03:48:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2

142.250.74.163

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11996, version 1.0\012- data
Size
12 kB (11996 bytes)
Hash
ecc12f386550ab5afda642668f6b7b60
6be5d862def58ea5c30879afa237526c075779fb
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6

HTTP Headers

GET /s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 09:03:56 GMT
expires: Sun, 10 Sep 2023 09:03:56 GMT
cache-control: public, max-age=31536000
age: 482661
last-modified: Tue, 23 Jul 2019 03:48:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFW50bbck.woff2

142.250.74.163

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFW50bbck.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11316, version 1.0\012- data
Size
11 kB (11316 bytes)
Hash
6923b1967484e2b12e1016fb33061791
9d448e528df62ea568b6a1657b8c3e64fac760f8
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

HTTP Headers

GET /s/opensans/v17/mem8YaGs126MiZpBA-UFW50bbck.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 02:03:35 GMT
expires: Sun, 10 Sep 2023 02:03:35 GMT
cache-control: public, max-age=31536000
age: 507882
last-modified: Tue, 23 Jul 2019 19:30:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

142.250.74.163

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Size
15 kB (15056 bytes)
Hash
0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

HTTP Headers

GET /s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 01:47:31 GMT
expires: Sun, 10 Sep 2023 01:47:31 GMT
cache-control: public, max-age=31536000
age: 508846
last-modified: Tue, 23 Jul 2019 19:30:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

congnapfreefire.com/images/freefire-icon.webp

70.32.23.63

200 OK

60 kB

URL HTTP/1.1
congnapfreefire.com/images/freefire-icon.webp
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
RIFF (little-endian) data, Web/P image\012- data
Size
60 kB (59520 bytes)
Hash
3e74ec6400bc45c21df158f244788b3f
b349e8eedfb962c69f362b4c9ffb9a57a577e4c8
ad73b7948bf3b4030acf346e0e0a3e2a38274a9660ff3d2687ebd4f4ed84005f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /images/freefire-icon.webp HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 14:27:49 GMT
Accept-Ranges: bytes
Content-Length: 59520
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: image/webp

congnapfreefire.com/images/free-fire-banner.jpg

70.32.23.63

200 OK

37 kB

URL HTTP/1.1
congnapfreefire.com/images/free-fire-banner.jpg
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 730x300, components 3\012- data
Size
37 kB (36676 bytes)
Hash
43045e3d3948ab896216e481b40330b3
3e5d4ca926301ff868e62b03a2bab7fa2c0e3e49
491b8ee2b3a2be4d68a7c3baa1e29047330a4fc5716415f66bdb039f72bf4de4

HTTP Headers

GET /images/free-fire-banner.jpg HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 36676
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWp0bbck.woff2

142.250.74.163

200 OK

6.0 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWp0bbck.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 6028, version 1.0\012- data
Size
6.0 kB (6028 bytes)
Hash
c080b58a879bd805fe0a72a9200f04ed
6e750399028a4855eafaacd1d584675c40db9390
1e7989a712c24edfccaaa0e22d070bc9ab782660c554032dfa247c6e162ef0cd

HTTP Headers

GET /s/opensans/v17/mem8YaGs126MiZpBA-UFWp0bbck.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 20:36:13 GMT
expires: Wed, 13 Sep 2023 20:36:13 GMT
cache-control: public, max-age=31536000
age: 181924
last-modified: Tue, 23 Jul 2019 19:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2

142.250.74.163

200 OK

5.5 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5456, version 1.0\012- data
Size
5.5 kB (5456 bytes)
Hash
2a9e4ea5d740ebaba8fa4b2a8b149840
59843d61de836fffd49618ff78966e0286ea0dfa
99d2753e7cac869419c55b50657f539964e7191ced24f052d2ca4aa6eff42b5c

HTTP Headers

GET /s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 10:18:56 GMT
expires: Wed, 13 Sep 2023 10:18:56 GMT
cache-control: public, max-age=31536000
age: 218961
last-modified: Tue, 23 Jul 2019 03:48:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2

142.250.74.163

200 OK

6.2 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 6236, version 1.0\012- data
Size
6.2 kB (6236 bytes)
Hash
42a93d4a57407943c9df8b5185ba7d4b
1365916dd3d96d1b1884f0b508c90b5799b3950b
a65d3a235752463d0b425c2381a9db129fd52a7d7ecc69845f3d0b3f9e51c6f9

HTTP Headers

GET /s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://congnapfreefire.com
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 05:07:42 GMT
expires: Mon, 11 Sep 2023 05:07:42 GMT
cache-control: public, max-age=31536000
age: 410435
last-modified: Tue, 23 Jul 2019 19:31:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

congnapfreefire.com/images/zl-300x51.png

70.32.23.63

200 OK

4.2 kB

URL HTTP/1.1
congnapfreefire.com/images/zl-300x51.png
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
PNG image data, 300 x 51, 8-bit colormap, non-interlaced\012- data
Size
4.2 kB (4155 bytes)
Hash
f9bb09b0f53b52a58a27a6312793e7e7
4f0a44281c61e751d48429992895365d431055f0
67adc1e61d593d48e83e4ae06eff97c702cc7a513556a6469b0ffeadcd31a8bf

HTTP Headers

GET /images/zl-300x51.png HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 4155
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/png

congnapfreefire.com/images/logo.png

70.32.23.63

200 OK

5.5 kB

URL HTTP/1.1
congnapfreefire.com/images/logo.png
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
PNG image data, 254 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5512 bytes)
Hash
c1eed178e318d3f5f6042267a10196e4
d9313e7eb6d8814ca69c98bb9ca7fc293a3b3dcc
2b76c710b8469dc416820bfff6cdb53a5ab2f0fdfb673074bf530e272aed402c

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 5512
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/png

congnapfreefire.com/images/tlg-300x51.png

70.32.23.63

200 OK

4.8 kB

URL HTTP/1.1
congnapfreefire.com/images/tlg-300x51.png
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
PNG image data, 300 x 51, 8-bit colormap, non-interlaced\012- data
Size
4.8 kB (4792 bytes)
Hash
2a4fc029a63fb8fa327438283b8142c7
47a71b3fc50a8a9cc137e0276d31cc693e7b6da2
74787a9648caf41c27d7dd00eccf6b9b7c3178b00171acccf8906a6a4962b40b

HTTP Headers

GET /images/tlg-300x51.png HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:17 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=604800, public
Content-Length: 4792
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/png

congnapfreefire.com/fonts/fontawesome-webfont.woff2

70.32.23.63

200 OK

77 kB

URL HTTP/1.1
congnapfreefire.com/fonts/fontawesome-webfont.woff2
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://congnapfreefire.com/css/style.css
Cookie: _gcl_au=1.1.1856289341.1663283282

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:16 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=3, max=499
Connection: Keep-Alive
Content-Type: font/woff2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 23:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 23:35:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IOl8TUzw1IZ76cYsfvMv_a2wFNDlAupaUsLyEBAODeVbeT1xZodShQ==
Age: 295

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
91dad4479f7dcb623266cf0dcfef5875
9fcf1f0e16c17a43021ab8fb01089d2d9c9f1d3a
0dc4f9c3ecdccb7e1b7a651c72ee63acc06482b362f060547534c3196e561412

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1623)
Size
16 kB (15687 bytes)
Hash
4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 15 Sep 2022 23:08:17 GMT
expires: Thu, 15 Sep 2022 23:08:17 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

congnapfreefire.com/images/favicon.ico

70.32.23.63

200 OK

15 kB

URL HTTP/1.1
congnapfreefire.com/images/favicon.ico
IP
70.32.23.63:0
ASN
#55293 A2HOSTING

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15406 bytes)
Hash
b0aec76b9176efb8be8da247f2bf982d
730543ee8ee1f29129585e77e68a3e8bdc89bffb
ccb6b428e766351a206f92ffb7dc078dd5607826bc899e471ccb232fae8e5edd

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: congnapfreefire.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://congnapfreefire.com/
Cookie: _gcl_au=1.1.1856289341.1663283282

HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:08:17 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Mar 2022 11:36:40 GMT
Accept-Ranges: bytes
Content-Length: 15406
Cache-Control: max-age=604800, public
Keep-Alive: timeout=3, max=498
Connection: Keep-Alive
Content-Type: image/x-icon

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5525
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Last-Modified: Thu, 15 Sep 2022 21:36:12 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f94c38b92316f91765ceed606f9f4ea
03442fbbe884ceac60c9585a8bbc0b87278523fd
70df317dbe22ae71bcc285fc0ea2185a11822856187a6c235c758df3f63eb75f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/452193219/?random=1663283282139&cv=9&fst=1663283282139&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&auid=1856289341.1663283282&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.207.226

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/452193219/?random=1663283282139&cv=9&fst=1663283282139&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&auid=1856289341.1663283282&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2374), with no line terminators
Size
1.1 kB (1063 bytes)
Hash
cd059b7afb616edf07464e8645640c89
0f1c893318cfe678702664c88495669ad75a483d
8d4afc1adc226ea7921a88a571ccaa3fc3c39ef0c4ccea0c7287c5a8b8a0ac16

HTTP Headers

GET /pagead/viewthroughconversion/452193219/?random=1663283282139&cv=9&fst=1663283282139&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&auid=1856289341.1663283282&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 23:08:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1063
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 23:23:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f94c38b92316f91765ceed606f9f4ea
03442fbbe884ceac60c9585a8bbc0b87278523fd
70df317dbe22ae71bcc285fc0ea2185a11822856187a6c235c758df3f63eb75f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db503d6c6780cb1b8dfeffa10a50eada
51a459bdc02f20576031f526be6788f653095d94
b7a653d3c381c6cea5b6838aea01a7de8ea5c2d8bdf5ff92c4cd5c22829c8e8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/452193219/?random=1663283282139&cv=9&fst=1663282800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&async=1&fmt=3&is_vtc=1&random=4014978018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/452193219/?random=1663283282139&cv=9&fst=1663282800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&async=1&fmt=3&is_vtc=1&random=4014978018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/452193219/?random=1663283282139&cv=9&fst=1663282800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fcongnapfreefire.com%2F&tiba=N%E1%BA%A1p%20Th%E1%BA%BB%20Free%20Fire%20-%20N%E1%BA%A1p%20Kim%20C%C6%B0%C6%A1ng%20FF&async=1&fmt=3&is_vtc=1&random=4014978018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://congnapfreefire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 23:08:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db503d6c6780cb1b8dfeffa10a50eada
51a459bdc02f20576031f526be6788f653095d94
b7a653d3c381c6cea5b6838aea01a7de8ea5c2d8bdf5ff92c4cd5c22829c8e8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.242.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jbcmF4GLuDEdyjLnwMxdgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ccdlGddDlg91bDQ14wpMitBdK4g=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18072
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Thu, 15 Sep 2022 23:08:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18072
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Thu, 15 Sep 2022 23:08:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18072
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Thu, 15 Sep 2022 23:08:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18072
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Thu, 15 Sep 2022 23:08:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18072
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Thu, 15 Sep 2022 23:08:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4955 bytes)
Hash
8bedb04287b8f09d30fed0ae386b9bcc
2b8a6de0faac5c1a99b48c28da9c05f520ef6add
cec3955f3330184ace4388b7c00262b52c9ca43e9ece6fb8f2fdec2ee9e53a9e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4955
x-amzn-requestid: e7c21397-14e0-42fd-86f3-3f1e6940da8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0zG1uIAMF_mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b51-386abef75b6435a0656e86cd;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w0izptVhe4GTDP0l4M18uTvK6vQeKiiaGSZ5UfZATWGIyjL5C8sURQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:55:30 GMT
etag: "2b8a6de0faac5c1a99b48c28da9c05f520ef6add"
content-type: image/jpeg
age: 4369
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6820 bytes)
Hash
6572617127bde36c63aa1163e3352688
d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c
91fdabb99b1317407413b424f50ad025c0578a57d89a0f4c8228d91a36b8e6c0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6820
x-amzn-requestid: 3aab395b-9355-4a3a-b033-73420df43ee5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUksFUxoAMFr4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239aea-5be8dbdf57158b0e37ee719f;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I8QSOY13buUN6y89zoSzcjZmV8EygMJUdiPiVouUi4a5LHBJ3AM3wQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:48:32 GMT
age: 4787
etag: "d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e1c925-7f52-4acd-b350-ece9de960341.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9349 bytes)
Hash
f61608eae6c6b04627343f86832ba892
89c6a9d2cbe149235409a42424a0c7c91593d7fb
382e3f8d016a88e952f6a8da65b8933c345497bcb7b76cd27ad58ec021e023a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e1c925-7f52-4acd-b350-ece9de960341.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: a4654952-01b4-43cf-a4a5-638a012cc3e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVAAH5foAMFqFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b99-4d4883b824ac4fcf14a53983;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E1ybwRysIph_3C8YOM81bvRNYk9q8AdOij_mIzLgDkRF7d88DA4PNg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
age: 4664
etag: "89c6a9d2cbe149235409a42424a0c7c91593d7fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6560 bytes)
Hash
300d3b6181f9bcb7318b0706646787fa
9cf371e2ecdd46de7ea1290bb158b144a9de57bb
7059364a6076210e603301e0e3ad0009a5c1cd0b8821e321f704532e17b95e5e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: 0532b908-dbda-4d51-8574-dba85e33bfcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUrG7GTnoAMF9-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e8bc5-35c25a2a76c8e0db6d7b06df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 01:30:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Xvgf5sF1GJNaJ2uERewkTcfwr3cUHVwU8-CXI7fK2K4t6JCsyPnzJg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:27:11 GMT
age: 2468
etag: "9cf371e2ecdd46de7ea1290bb158b144a9de57bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10163 bytes)
Hash
3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XGVoNQZeoG0AQ6LabPW2Zg7pAQqdl-bGTFAhbNpLlgTWNWx55-wEUQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:14 GMT
age: 4985
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8551 bytes)
Hash
c6df210d4ad73c1cb4bf14a8b68aaaf6
50cb093cd31e53a67e0a27d9ce9439fbb8a03df8
832d746a04665e8fd808e02a3d4c4d2525fb55e8685f2c654836ebea37c4ca92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8551
x-amzn-requestid: fcb8406f-a0a4-463a-8d6c-86a465867db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUkiG2FIAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae9-4e2927b52b5ac3f907f52027;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f7ER8lbphHucpnBSlWF1oGktAVq-lmLrZQUtLCSXrkEYdhYYaX6W3g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:53 GMT
age: 4946
etag: "50cb093cd31e53a67e0a27d9ce9439fbb8a03df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP