| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/ | 104.26.0.51 | 301 Moved Permanently | 0 B |
URL HTTP/1.1ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/ IP104.26.0.51:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Huntington | urlquery | phishing | Phishing - Huntington | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/ HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 00:39:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Feb 2023 01:39:18 GMT
Location: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZ9xA5iBeo9tL4RXLFaM0cNr6Y%2BdJbjEOh9lZ5wLX4TS9vllFgO2HONQMW5%2FWVQebUmBjkAjpMkWh0we9BG8UTwPrJY20ZYugYOM%2B0ln8XrvEkVGTtEdwS6tSE4v%2FEXX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794fd3f7a85fb509-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash507011ccb9124dcd57e84a90a0965cc4 1a6575d0ac979c7184490cc9836ac4812ad2afd1 01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3643
Expires: Mon, 06 Feb 2023 01:40:02 GMT
Date: Mon, 06 Feb 2023 00:39:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashc21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4078
Expires: Mon, 06 Feb 2023 01:47:17 GMT
Date: Mon, 06 Feb 2023 00:39:19 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11759
Expires: Mon, 06 Feb 2023 03:55:18 GMT
Date: Mon, 06 Feb 2023 00:39:19 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 00:36:25 GMT
content-type: application/json
age: 174
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AgEvf24o3OnR7f9biJTAX0VLWrDp4z1aFj05kgG/LN7DgR5pjFlzUXTqIJ6BK3mS0LBTbF9nYAE=
x-amz-request-id: PFNB40YKPKQF5539
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 23:53:29 GMT
age: 2750
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 00:39:19 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/aJ5_o_MKP7Y | 142.250.74.163 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/aJ5_o_MKP7Y IP142.250.74.163:0
Hash61dc6feb03e0a1965014c14f52993fa4 11f92c73d015e9ab2d30767e3777b410cf8b7e69 1e6581665c7ed22ea5d23b4cec237c2844bc2b116086bab49c414c9911ec0ce1
POST /s/gts1p5/aJ5_o_MKP7Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:39:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 00:07:20 GMT
age: 1919
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20633
Expires: Mon, 06 Feb 2023 06:23:12 GMT
Date: Mon, 06 Feb 2023 00:39:19 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.35.140.96 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.35.140.96:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PB9G3RkiBeJNZ+bBAcwmvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QoXWcZ4N3CVWHxnXpW3pUnMUd6Q=
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/lock.gif | 104.26.1.51 | 200 OK | 870 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/lock.gif IP104.26.1.51:0
File typeGIF image data, version 89a, 11 x 15\012- data Hash9be5a61c048d7cd191b6ea472a060839 e39a32796dc2e05d7fd9ca9552b9c6118aad7d6e 5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Huntington | urlquery | phishing | Phishing - Huntington |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/lock.gif HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: image/gif
content-length: 870
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
etag: "63e0490b-366"
expires: Wed, 08 Mar 2023 00:39:21 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSwKGRpiF%2B5%2FIv38afBCvNVwLT2wRcqSHwff8CS%2Fj%2F3NEfIqmxT0K4dZGcLHjQ%2B%2FXfGwQdWpXwzrHfAxB0k%2FSnkucB6E2%2BUNEj%2BxYoim9UyvpBxBpJuqYLGxF0qc7IYK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fd404fc2eb512-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/oo_icon_retina_black.gif | 104.26.1.51 | 200 OK | 3.3 kB |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/oo_icon_retina_black.gif IP104.26.1.51:0
File typeGIF image data, version 89a, 18 x 18\012- data Hasha12e06853203ca600c1be91018b8b676 c8e2c4e88d37cb79ea9ddc3ed78186b409333912 62e5b1bb4bc6496956b943374fca10b7fee4af4dc15450b7772469f38b2e06b9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Huntington | urlquery | phishing | Phishing - Huntington |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/oo_icon_retina_black.gif HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: image/gif
content-length: 3334
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
etag: "63e0490b-d06"
expires: Wed, 08 Mar 2023 00:39:21 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qm6fRBft4zj1ppIShI3mBXFE0ompmwXGPJi9FQbV3UxIRDUhAOu3y7gvXpohSDCoub7flPYGK9UbgYI8LhEF0dZr58d%2BgQC3fW6ESQz%2FBivjH7JcV0X9MQLeQ6WuWAOP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fd404fc29b512-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/hexlogo-footer-icon.png | 104.26.1.51 | 200 OK | 333 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/hexlogo-footer-icon.png IP104.26.1.51:0
File typePNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data Hashc1e9a6c98d1239f04c0ea6a1335d2d7d 076d67ac4d90ab1e728e8cde6dd42870a6a408f0 deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Huntington | urlquery | phishing | Phishing - Huntington |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/hexlogo-footer-icon.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: image/png
content-length: 333
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
etag: "63e0490b-14d"
expires: Wed, 08 Mar 2023 00:39:21 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UOAl39Zv%2Fc3CzHNhBq%2Bz0lMiJd0suqPOv6oPh3pMSjgp49toFwicjxOnaXHhH6UKy%2Bv0ckANOGQ3I6T%2Ba2dF9whv36Cy5o2HpgYDKKK%2FC4dmi55c5prZFnGcYC2uFMu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fd404fc2fb512-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15059
Expires: Mon, 06 Feb 2023 04:50:20 GMT
Date: Mon, 06 Feb 2023 00:39:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15059
Expires: Mon, 06 Feb 2023 04:50:20 GMT
Date: Mon, 06 Feb 2023 00:39:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15059
Expires: Mon, 06 Feb 2023 04:50:20 GMT
Date: Mon, 06 Feb 2023 00:39:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15059
Expires: Mon, 06 Feb 2023 04:50:20 GMT
Date: Mon, 06 Feb 2023 00:39:21 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashccc8078cc937b7de0b299bcee1496f1b 395f04af71767acc9516387c8b07bde08968fdfe cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 8907
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha24cf7b2db6d65c3fe5daf78b3309ced a3653a9a7baea412808dd91572ff21e1a505c26f f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 10158
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashea463f7a06fe1403c18c8ce8781244a1 fbbe4b97e4b39983b36340030f6b40adc69cd485 93a12a85886512e3336d027c889a2276087976b1c9106356cc81596b88087042
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b1baa973-5b7c-4daa-af2e-e9f0b3c6a604
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzViwFG1IAMF4qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de02de-4a0c9cf45c1a20083bb838dc;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:01:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7EshPvVIwmQebOuznRkbCUTYaedh_e4PPsNWC2iyExQ942_leuLkSQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:31:09 GMT
age: 61692
etag: "fbbe4b97e4b39983b36340030f6b40adc69cd485"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd0c62c5956f36c9f1c5d2f17bc372d98 fca4d7140e4c391b02d734425ccc92acec568a70 eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 8896
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash929818fabd5a6ee5200499ca445d121e 3951cfa614e0a8674b730c4850f6483e35f73f6a 9f56ead2f8c136f6d6906fbb8a0ee5e0fd879e8ed104512ed4edf3ba3ece6917
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8481
x-amzn-requestid: 77c27205-9d32-42d4-b2c4-e5c3941bbe72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pcuG8VoAMFTaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022b7-76fae5a943c7a1d242f7a758;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:42:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RDlRiO7e6e283A5DEKRr8kz-S9t9vlt8bzxhc_sfN3R16BygeOovhA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:40 GMT
age: 9401
etag: "3951cfa614e0a8674b730c4850f6483e35f73f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9046d887fd45a0940e31a74173d17798 1ff698b9cf660165e846dfc4770f29852aedce45 0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 10152
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_6.html | 104.26.1.51 | 200 OK | 871 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_6.html IP104.26.1.51:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash2f023048fc8fbc53309b6695e35e6952 2c355157fd1b231516f1ed279947c71e692246fd 0f4258061d79048a03b83cc022ecd58ffa23c0fb1720461cb65cf955ba8fc25b
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_6.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_5.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEEsgyVVh6RUnIlgeszimUOIGZmtrs4G65VgiRotNcua06BgxjpUY%2BjdlEN4WxlmmNgOtYz%2F2ir1JHGOtHEbVBiGtSQ4nf%2BCAeOaJevWleVuHezr1ocIYbIxvI9s2iit"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd406dd69b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/logo-lg.png | 104.26.1.51 | 200 OK | 2.6 kB |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/logo-lg.png IP104.26.1.51:0
File typePNG image data, 214 x 63, 8-bit/color RGBA, non-interlaced\012- data Hash753e73fa855d3fca72f45e5e4107ca3e 3a408bcf652e664be177f8245cb62f1e08ba3282 4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Huntington | urlquery | phishing | Phishing - Huntington |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/logo-lg.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: image/png
content-length: 2560
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
etag: "63e0490b-a00"
expires: Wed, 08 Mar 2023 00:39:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp%2FFUy%2FHnW9X5ZFrMyE%2FdxDBcMr4wymEIR35R2eFPis7ROd7TnxOXQS5y1ahS3EWwXX8g8ch5oHUrLmQrBV1vPvYPYK00uWGVrAlFg1HjeiAaNYXhdu4ZmwIkpd8F3tz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fd404fc2db512-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe93d3824b97e079c710934997548f8d2 9d8be7e441223b4f40c3ff090de1d26e88431ba5 86964e67da8af027ae9b12aa809e1a5caa8d976d7fefe215391916f96c2203e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4101
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:39:22 GMT
Last-Modified: Sun, 05 Feb 2023 23:31:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| onlinebanking.huntington.com/rol/Content/Images/holvthree/favicons/apple-touch-icon.png | 104.84.152.187 | 200 OK | 3.5 kB |
URL HTTP/2onlinebanking.huntington.com/rol/Content/Images/holvthree/favicons/apple-touch-icon.png IP104.84.152.187:0 ASN#20940 Akamai International B.V.
File typePNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data Hashed939fa1bb369bfa402cbe5b5141aa5b 14e94421615fc0f537789ce2e64bed781b7a67eb ebf3301597759b0e1b249344daa692ccb8e387ef22891a902a78688234e303f5
GET /rol/Content/Images/holvthree/favicons/apple-touch-icon.png HTTP/1.1
Host: onlinebanking.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 3532
content-type: image/png
etag: "0a31780c15d91:0"
last-modified: Thu, 01 Dec 2022 20:14:22 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
x-content-type-options: nosniff, nosniff;
format-detection: telephone=no
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="1"
x-ua-compatible: IE=edge
expires: Mon, 06 Feb 2023 00:39:22 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 06 Feb 2023 00:39:22 GMT
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/fp.swf-cis3sid=5558704670840c247ea4973343aa3706 | 104.26.1.51 | 200 OK | 11 kB |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/fp.swf-cis3sid=5558704670840c247ea4973343aa3706 IP104.26.1.51:0
File typeMacromedia Flash data, version 7\012- data Hash2dd96d31dc7e06ebc8c60c44ae07eeee e809b22c78f22c05d2f89d3aaa707d1948954aa5 a7fe1567c2b9133a9ab30b46fe95737c212e6606e8abc9e4a36f631e0562c197
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Huntington | urlquery | phishing | Phishing - Huntington | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/fp.swf-cis3sid=5558704670840c247ea4973343aa3706 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: application/octet-stream
content-length: 11100
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
etag: "63e0490b-2b5c"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91REdF38P3PMwx%2FUqBGurAwmOlbyF4KdSQjoBN4XokrTE%2BNwaolLCB0PTXiFTTjeCqLLPioUQFNaxOvj5%2FsmrGerqx4MZZfn89nJH2bP8nhY3ZnBKL%2BjyCoPqskEIFlU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd40c0885b512-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear_001.png | 104.26.1.51 | 200 OK | 81 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear_001.png IP104.26.1.51:0
File typePNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data Hash1b6d2de2867a3e11063ba25aa1cd4209 bd20b0e089f31f35cba4d0fa7277e73aa74d944c 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Huntington | urlquery | phishing | Phishing - Huntington |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear_001.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: image/png
content-length: 81
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
etag: "63e0490b-51"
expires: Wed, 08 Mar 2023 00:39:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u58%2BkwVdWDiGrp%2FcqtDZsdJLXAF0gf4x8w2CAHnyAQNYw39O23oX6%2FbwSuEPsaSY2rWjGYrMmLo7NT7fe3fUydL6qAQDgTWcsPhzhlpiaUlGFWNG%2FF0jqS4VCvRmOtSQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fd40e6a08b512-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_3.html | 104.26.1.51 | 200 OK | 3.1 kB |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_3.html IP104.26.1.51:0
File typeHTML document text\012- HTML document, ASCII text Hashd4b3cadcb479ca5996885fa31d243f90 b3aba6a8acbfcb1c066cd20d709148174218f8bf 394d8791a051b663458d7d6df2f07034f7a44377e4bddff352651ea7ff4e4fe5
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_3.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2UHMXKMzUxBtnrHYs0y0%2FfmmmyDQqgriDlm6v64TC8o0pxujDJJfwCr6e0%2BKOvRulA%2Fkh0jN5LnpwmeVhAMCbJ%2FarafIi3cT9I8yUuIQ%2BsY8SqnLiJa%2B9Ij2TcrLyzY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd40c1897b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear.png | 104.26.1.51 | 404 Not Found | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear.png IP104.26.1.51:0
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAkrmxFcDAnOYdXqH1%2FGX6HByy3NFgyYWbobUjYDaaLpkE2BSLMYEPxHiPlHAT6l4SbQbKe1fB4WymrUULMfpoTQI4TjEdP%2FX0JETh1mPIF7rMY73rAruL37WbHGQFZK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fd40c0880b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/ | 104.26.1.51 | 302 Found | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/ IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/ HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:39:20 GMT
content-type: text/html; charset=UTF-8
location: login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEicLXVBigLDcb0XpI5wYJURZjG6KK0248Mi3Vzr0hroxD6tJn0HvR2qXBzx7Mm5mUZIyCDj78y%2BqNwbYDt3Lo5Q8rSe%2FD7VEpkZRsunbYcZkJjI0xco5owk09a7jJiT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd3fa1c46b512-OSL
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_8.html | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_8.html IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_8.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBYO%2B%2FU9RICak7hOwt0JHYEvu5WDgHDArrPJNPQLc4NUX7fAeuEesTO9HEHN%2FsbZzOnk%2FCku4uE84%2FQFTXm90pPPXuc8MpV50vl5bdFSgYl36Bu30EXSC5%2BVk50Qwrkp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd404ec1db512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_9.html | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_9.html IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_9.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VU%2FjiMmjIupxYlc65lp%2BYv%2BgPX0tjcQJ%2BWUvPTJNgEG6TcDBN95b2IxTmd%2FrMrOSjEmXhhHK%2BTqyBSst%2BhgZaHkXCj3QqFj8xnS3qqXheitW2oA7CttXWsKCoJatozsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd404ec1eb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb%2FGQ8G%2BhQMIFQsQgoeAxwwskxMNvutQzNUHIEoaxVyrwtybL0nay79LnqOzcOBBWOXhDoMZw%2FMzwdLF2id6p29iYWGNUhO9ulk8iUUWe5suLgROQb7JBBlbczte2kfU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd404dc16b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear_002.png | 104.26.1.51 | 404 Not Found | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear_002.png IP104.26.1.51:0
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/clear_002.png HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 00:39:23 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlvYFdE7qxN27s7cJd16j83qqaz6bVF87oj%2BryX2Tek2mNODQYJRN%2BYI%2BeVIw7nlv0M4HV4vPcEPRfoOHbryRglAPlJR7%2Fsm7MzXmDbIGQ%2FUm19SIsyrh4yAx2iXaE0V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fd40c0884b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/0 | 104.26.1.51 | 404 Not Found | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/0 IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/0 HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 00:39:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ntutdc1995.com/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
set-cookie: ad11a069aef94a238e3ef47b2065dc64xxx=ntutdc1995.com
PHPSESSID=id8nmlp179sjvj9h8p0fc08jmt; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmcrg4tHUWCUcUdbwOZjIZFTh5J6pMrpZz%2BXj5r16O5RnTBfSxTkV%2FsbgTg7mjx1UFCOtorOnKIJrC7DoENBNJwPiIFRZumvD70hR%2FJFAI6vPCVYA6ejPsmV1RJ%2BsL1U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd404fc31b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_7.html | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_7.html IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_7.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgK5OVBndivUffZC8%2FTGark3zj9Ly5JIDDCHnahnRFHKmujzRS5evXHaXljXHCb1YiS0cvhXCfsMISuYy1OSQxhiQeFIPO4ZMrVo%2BM8igp7H%2BauxPnpE2FC7YrZDtvV6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd404ec1cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/0_001.dat | 104.26.1.51 | 403 Forbidden | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/0_001.dat IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/0_001.dat HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
date: Mon, 06 Feb 2023 00:39:21 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wD0XuwXBoZqSVfXPKg3j5ydwXNKfc4CmpdOl0Lk9UfZV3tR1ne%2BY4bGGQMXncirq%2FC679yYi7YiTRaQ1YckbaDE98TlLpOVAPXrLWXzLsuVBCRh1vKQhpsCtXfWU107"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd404fc32b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index.css | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index.css IP104.26.1.51:0
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index.css HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/login.html?cmd=login_submit&id=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274&session=0838f9ab9bdc11f1536e97edc20252740838f9ab9bdc11f1536e97edc2025274
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: text/css
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
vary: Accept-Encoding
etag: W/"63e0490b-2c42"
expires: Mon, 06 Feb 2023 12:25:51 GMT
cache-control: max-age=43200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FT5A3pivwLe0aCKNIaPae7UDKtI4bX8ri02UIDwhZcHpOCcSCO16Acw%2Fj%2BSpQuzyCgWmb%2FnX2PEIlHq76L5byhSV%2FPlkNZvv8zttO3BQ%2B6wcicdi5dQMvgG6%2Be5%2BHGY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd404fc27b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_2.html | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_2.html IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_2.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:22 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL2QQkAX6HvsAaERMcbuhlW7zwLzaMhNNXbl90afNyy%2BybqwF7Eo%2Bq4RGteSjwHc%2FDzL4uWt17XW3PzbFXPYQbc2x0boERNW33Vi5agG3wFAtEKVZkPTmd1mtxshfpoC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd40c1895b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_4.html | 104.26.1.51 | 200 OK | 0 B |
URL HTTP/2ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_4.html IP104.26.1.51:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_4.html HTTP/1.1
Host: ntutdc1995.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntutdc1995.com/wp-content/plugins/advanced-floating-content/languages/90dd4e35102a48ddb8a84718ac0c39c1/index_1.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:39:23 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 06 Feb 2023 00:25:47 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DUdA7Vx8FoOV9LeI0I%2Fm9Bd9MRU%2BHs1o8wIdv%2FKRe3nhjjvArzZuzQcySAvtTxEkglqsFZegzj59s37EPdZSWWs3Lbi31imHO67s7ENtKYr8JmoSFLeNdp3CE8nt4dI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fd40c1898b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|