Report - newyear2023.xn--napth-351b.vn/app/fifa-online-4

Report Overview

Submitted URL
newyear2023.xn--napth-351b.vn/app/fifa-online-4
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-05-18 15:43:03
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
70

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-05-17	427 B	65 kB	185.244.209.62
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-18	330 B	964 B	172.64.155.188
newyear2023.xn--napth-351b.vn	unknown	unknown	2023-01-02	2023-05-16	7.2 kB	514 kB	188.114.97.1
cdngarenanow-a.akamaihd.net	6968	2009-09-14	2017-01-31	2023-05-16	965 B	16 kB	23.36.76.187
cdn.vn.garenanow.com	74387	2010-09-27	2013-11-06	2023-05-18	463 B	79 kB	45.119.240.104

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-07	medium	newyear2023.xn--napth-351b.vn/app/fifa-online-4
2023-05-16	medium	newyear2023.xn--napth-351b.vn/
2023-05-16	medium	newyear2023.xn--napth-351b.vn/

PhishTank

Scan Date	Severity	Indicator
2023-03-08	medium	newyear2023.xn--napth-351b.vn/images/gate.png
2023-03-08	medium	newyear2023.xn--napth-351b.vn/images/logo.png
2023-03-08	medium	newyear2023.xn--napth-351b.vn/images/viettel.png
2023-03-08	medium	newyear2023.xn--napth-351b.vn/images/vinaphone.png
2023-03-08	medium	newyear2023.xn--napth-351b.vn/css/napthe1.css
2023-03-08	medium	newyear2023.xn--napth-351b.vn/images/vietnamobile.png
2023-03-08	medium	newyear2023.xn--napth-351b.vn/images/mobifone.png
2023-03-08	medium	newyear2023.xn--napth-351b.vn/js/custom1.js
2023-03-08	medium	newyear2023.xn--napth-351b.vn/css/bootstrap.min.css
2023-03-08	medium	newyear2023.xn--napth-351b.vn/css/style.css
2023-03-08	medium	newyear2023.xn--napth-351b.vn/images/favicon.ico
2023-03-08	medium	newyear2023.xn--napth-351b.vn/js/bootstrap.min.js
2023-03-08	medium	newyear2023.xn--napth-351b.vn/app/fifa-online-4
2023-03-08	medium	newyear2023.xn--napth-351b.vn/js/jquery-3.2.1.min.js
2023-03-08	medium	newyear2023.xn--napth-351b.vn/js/kensine.js

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-18	medium	newyear2023.xn--napth-351b.vn/js/custom1.js
2023-05-18	medium	newyear2023.xn--napth-351b.vn/js/bootstrap.min.js
2023-05-18	medium	newyear2023.xn--napth-351b.vn/app/fifa-online-4
2023-05-18	medium	newyear2023.xn--napth-351b.vn/js/jquery-3.2.1.min.js
2023-05-18	medium	newyear2023.xn--napth-351b.vn/js/kensine.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	newyear2023.xn--napth-351b.vn/js/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-11
Pretty URL newyear2023.xn--napth-351b.vn/js/jquery-3.2.1.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:33 Last Seen2024-04-11 16:16:21 Times Seen974 Hash 27a8f25e65bfe1872ebd62e021a0c6ca 9f835084914c0f4403a080fb7de4abe0d210adf8 d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f Loading...

	newyear2023.xn--napth-351b.vn/js/bootstrap.min.js	37 kB	2023-03-07	2023-10-23
Pretty URL newyear2023.xn--napth-351b.vn/js/bootstrap.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:08:42 Last Seen2023-10-23 04:33:35 Times Seen172 Hash 35e78bb2df69fc12053f9778e2ff2a93 ae8c8a930fd890ee61a9c82a7e85dd22918db7a6 9c7467cb2e579a31a8c0ab41c8557559bf538340fbb8632f6aa2b977aa22bf0a Loading...

	newyear2023.xn--napth-351b.vn/js/custom1.js	268 B	2023-03-10	2023-10-21
Pretty URL newyear2023.xn--napth-351b.vn/js/custom1.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:06:45 Last Seen2023-10-21 02:13:37 Times Seen69 Hash 175c9ac94d0be26a710753e511f92f05 1ebc0453ec709a50ae46fb9de4d5e6a642f46331 9f43bd89f34459391987b8760a4f36c308914bd71a49f0abade5ad9743dc4681 Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	64 kB	2023-05-04	2023-10-16
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 185.244.209.62 ASN #58286 Electric-IT Business S.R.L. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 16:31:10 Last Seen2023-10-16 20:13:38 Times Seen448 Hash c10306ea9c7731da5e8282aad988d42a 2f051222a227533c602d931af52fc78649fe0689 f40b487eeb315e2d23e335dd4b14626459f4836d8e05d9533b805db1cdb3fed6 Loading...

	newyear2023.xn--napth-351b.vn/js/kensine.js	101 kB	2023-03-10	2023-11-10
Pretty URL newyear2023.xn--napth-351b.vn/js/kensine.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:06:45 Last Seen2023-11-10 04:52:42 Times Seen128 Hash 08e463af2e6c57ce1f3e897d41886f30 3aab4b4023019ee6f4df0b804afa76efad8e7f1d fd64d6b99d7adb77f3670043ff1db3729d758130e130c25702d74eccb67c5eb0 Loading...

	newyear2023.xn--napth-351b.vn/app/fifa-online-4	888 B	2023-04-07	2023-10-21
Pretty URL newyear2023.xn--napth-351b.vn/app/fifa-online-4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 19:09:26 Last Seen2023-10-21 02:13:37 Times Seen57 Hash 67816ee8dfaa29771f32a6c39f1f8ed6 448ac4cf2ed3e91386299e1775f976efa7d1d58b 2d87a833d894f1fbceeb19f3e146895b4a79423a9fa058ae6989eed55da609a0 Loading...

	newyear2023.xn--napth-351b.vn/app/fifa-online-4	2 B	2023-03-07	2024-04-18
Pretty URL newyear2023.xn--napth-351b.vn/app/fifa-online-4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-18 08:47:14 Times Seen13012 Hash e1c06d85ae7b8b032bef47e42e4c08f9 71853c6197a6a7f222db0f1978c7cb232b87c5ee 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Loading...

HTTP Transactions (20)

URL IP Response Size

ocsp.sectigo.com/

172.64.155.188

472 B

URL
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
41035de57d03043d5c0b2e079d21a611
0d780a6ffb55f5928f4909eb2837313f34d666f5
e2e7ad07380d1c8aede61ef0d50831b3a1ab3c5a2a886618745f866be99afc8b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 May 2023 15:42:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 15 May 2023 23:50:07 GMT
Expires: Mon, 22 May 2023 23:50:06 GMT
Etag: "0d780a6ffb55f5928f4909eb2837313f34d666f5"
Cache-Control: max-age=374540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c953640e894b500-OSL

newyear2023.xn--napth-351b.vn/images/gate.png

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/images/gate.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
PNG image data, 256 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11515 bytes)
Hash
7ffe1927eafd3290df6ef7b8e9751fb4
60e1f543fa7f8908e87eecee21697b3d275b645e
ca9cc282a26cb3e6c9a65d4d7ab323690e68f18b9c5a54a6f6297b1577e791aa

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /images/gate.png HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: image/png
content-length: 11515
cache-control: public, max-age=2629000
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWHJ4o%2FGorXCeyDp9wD4HCCPYdXZYN9CNEqsrJOjVJqFTryeUmrG7uiLK27bXINOES9ItAVJjNExjtCztyYlX%2F8j2aGglcgYMvJDOze0qFzqWLhKdCJz69cGgUrGwxTqEXfMKdN1zqx0i5AAaRHFvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c9536408cdcb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/images/logo.png

188.114.97.1

200 OK

5.2 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/images/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
PNG image data, 436 x 116, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5162 bytes)
Hash
354ed116f25561b4e435946a16c22de2
8763e63fa09f70464fd18a829c567dc937c8568d
2b0c37cc261fda4df56b59985c7f620d201b621dffbd6f52f01be61d020e8ad5

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: image/png
content-length: 5162
cache-control: public, max-age=2629000
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3rKnCnuWzInktbhqe9TqJJTDnY%2BtvculiPxgB98Ogl5Nk9nsAWUbps4bibAbQNIjDS%2B6ubdHfGT9EGPiX%2FHbizUq4BtvddxAaqchD%2BFpbjxoJZI5T03BzzTUilRMcZZ0Ayjv%2B7Fcc5P9O1tgfCKbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c9536408cd5b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/images/viettel.png

188.114.97.1

200 OK

8.9 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/images/viettel.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
PNG image data, 256 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
8.9 kB (8888 bytes)
Hash
1fe572ecad72ef8fca8dcba2b17dd9ca
31e84d538e1d42c7b6a924f7dde58c76b4b52390
96c1ebe204b00af38839147367adb60232c04cd4782f0776ed3e267d0e9b1019

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /images/viettel.png HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: image/png
content-length: 8888
cache-control: public, max-age=2629000
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzMbNBXRbd8T%2FgmB8vnwu1W%2BRwklVNHR%2BfV7Dy3uyaL8D2pmMLMqQgNzdrWD%2B5JCBsxIrdyOfGo%2BC1CEBbjPLsS4yXD4cIcs1i6GI5oGKN0A5TcFTptUGuTqgAwIQRjDpw9EHBhzvCYjp%2BW56TZC3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c9536408cd7b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/images/vinaphone.png

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/images/vinaphone.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
PNG image data, 256 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19130 bytes)
Hash
a254c7b17341034542490989964fd97e
bf5ccdacca68840a658f971c14cd65a6f1782be2
8862bb55fd5f4fd07c5c131b86f565cc5ea9c9cf38ff84dca4704ce96cbd7319

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /images/vinaphone.png HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: image/png
content-length: 19130
cache-control: public, max-age=2629000
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hIgn5kc0WcTJwqTLBErn983Poy719glzki7ACcdOrBFeMLySnuRUiiBZ1mjgzUD0B1JxT8DRr7dosrwiVNH9Z7r3UEqMtGgldB2L%2BmfdBsYvz7pVZ4mU3DLo3YoyorJtFKNlqVvkdy7F0Nkjt597Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c9536408cd9b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/css/napthe1.css

188.114.97.1

200 OK

2.0 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/css/napthe1.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
ASCII text, with CRLF line terminators
Size
2.0 kB (2028 bytes)
Hash
09e1d0ac5d7a430a7f696401f3bd5383
c6b1e4d75d5f6bd84e34c524542f6f3d4a6a1a66
e78ba79e763fcae52087a773eb6a43b4564a081b56861ceda3c974409c169962

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /css/napthe1.css HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQOTIRwGMc0bDtvCjeiFrd8RIdkgtVFOfxswIMWeOb4igEQ08tmTrFkQ6yn3CeqhfXH1jK1bu60LAz0tMSff1CSKfBCEl4tb3DK%2FPTG1Tgz4udCGI0i0r1kfyPmzqfqM3ZPP39OWDoSnGyhTGJwkBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c9536407cc5b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/images/vietnamobile.png

188.114.97.1

200 OK

21 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/images/vietnamobile.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
PNG image data, 256 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21184 bytes)
Hash
8a049b5759ec3a1c93ffb1d2c6ab20ba
01c8919ab5aeda583a75fccfd73719bdf99fd5aa
97e0bf93fd058dd09af0542ca3b35a66951639cc95b40203b991b6b21f5f1eaf

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /images/vietnamobile.png HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: image/png
content-length: 21184
cache-control: public, max-age=2629000
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M24iQBGeykVuQWNvK5pyctyfZhCEg9YXdy1c%2BymBHh9GxH2%2FUdE0UMvQe7sVLGDlSTKDO21pym5KSmgLBeFUjKPl9ET4jkSnGQ15iFOk1REkCS8KpmnXyegwMTAGd1AWVB5WEXsM4AKGlugI0T3eog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c9536408cdab521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/images/mobifone.png

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/images/mobifone.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
PNG image data, 256 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27777 bytes)
Hash
718f48783e4adf931466110fc53550df
fd38ac39154a19181af3043ed1525cca2926fed5
9874b99edd042b57a7fb3927cada8c4dcf9b29436ddaae536965fbb19e319a52

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /images/mobifone.png HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: image/png
content-length: 27777
cache-control: public, max-age=2629000
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2%2FmuwYaPxu7fEpzZTJVZi%2F6Fyk8FHHwPvJAddyIyg6t0%2Bk4re0R8P0PY4869PAyySuKFMbgovQ%2F0UsTmq9Cou%2FEn%2FpiFdU6VtNH8xnhrf0tQrSMelPfpDYLlGEvhMkEGWw5Je3WaJojQJOfjsTJzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c9536408cd8b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdngarenanow-a.akamaihd.net/gop/app/0000/032/837/point.png

23.36.76.187

8.2 kB

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/032/837/point.png
IP
23.36.76.187:0
ASN
#20940 Akamai International B.V.

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8212 bytes)
Hash
ab146b5f86fe4a8958ee37256045c711
f98ec764173d44e112336e1a452c0156e5ce7946
f0d62a5b32f70b89b3c03d796e152d5456fb591d9ca22e6ce156f5c6573a0592

HTTP Headers

GET /gop/app/0000/032/837/point.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "ab146b5f86fe4a8958ee37256045c711:1529456457.006434"
last-modified: Wed, 20 Jun 2018 01:00:57 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 18 May 2023 15:42:46 GMT
content-length: 8212
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdngarenanow-a.akamaihd.net/gop/app/0000/032/837/icon.png

23.36.76.187

6.4 kB

URL GET
cdngarenanow-a.akamaihd.net/gop/app/0000/032/837/icon.png
IP
23.36.76.187:0
ASN
#20940 Akamai International B.V.

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6424 bytes)
Hash
e36b7de9f03353fb9617300c072fd150
92482899011963bc323b90ad68d2f86da46d43cd
33e31fd4441010b4d2480d0e760dfc9af8138b6e2d71d57d9917a85890da0b75

HTTP Headers

GET /gop/app/0000/032/837/icon.png HTTP/1.1
Host: cdngarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "e36b7de9f03353fb9617300c072fd150:1529456455.786054"
last-modified: Wed, 20 Jun 2018 01:00:55 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 6424
date: Thu, 18 May 2023 15:42:46 GMT
vary: Accept-Encoding
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.vn.garenanow.com/web/napthevn/sp_pc_19052022.png

45.119.240.104

200 OK

78 kB

URL GET HTTP/1.1
cdn.vn.garenanow.com/web/napthevn/sp_pc_19052022.png
IP
45.119.240.104:443
ASN
#131418 Vietnam Esports Development Joint Stock Company

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerSSL Corporation
Subjectcdn.vn.garenanow.com
Fingerprint4D:25:AB:22:6C:32:4E:35:93:76:95:B9:69:85:72:12:53:DD:67:EC
ValidityThu, 17 Nov 2022 02:54:32 GMT - Fri, 17 Nov 2023 02:54:32 GMT

File type
PNG image data, 900 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
78 kB (78462 bytes)
Hash
93a8e30cf135303ef28a128276527837
f27c0c2d64718fbe566e752cedae2f11f00c1d05
b48333327fede34328a2310f4fe61b8adfbe17d0dec656e1e433507b0405fc16

HTTP Headers

GET /web/napthevn/sp_pc_19052022.png HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 May 2023 15:42:46 GMT
Content-Type: image/png
Content-Length: 78462
Connection: keep-alive
Last-Modified: Thu, 19 May 2022 07:06:51 GMT
ETag: "6285ec8b-1327e"
X-Cache-Status: REVALIDATED
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

newyear2023.xn--napth-351b.vn/js/custom1.js

188.114.97.1

200 OK

268 B

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/js/custom1.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
ASCII text, with no line terminators
Size
268 B (268 bytes)
Hash
39a2f96030c5fa13ef9161348d905709
c39f9067d98b90278c45fb28564b543f161b70c5
11f8994c46b7f014551ab310acbe2497571d05de5ceffcb42a03aec4f7de3d5e

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /js/custom1.js HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJsSTEegl9TDUC%2FNICwiZ0AxE%2BYp4ZESi%2F%2Bv5HYsVm54F6cUS1w7A5Z9t4yxCDo4ZylHSjPihzwDH8uBQDYVBTDQ6wMIvm1B7N2JldVBI6ZDGS1oPgtkkVHZ3FyNyH2ciODjoCgIJdCkfiZYxcGFqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c9536407ccab521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/css/bootstrap.min.css

188.114.97.1

200 OK

150 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/css/bootstrap.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
ASCII text, with very long lines (399)
Size
150 kB (149830 bytes)
Hash
1fa2640288b4602af26f8beacaef55c1
5702361c035dfc572d953fe343e9649c38a89c9c
90aeafaae0b8e4ca9a3bca40b981950c2183102721b41a3e89045f32264b2299

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1U5AgDkdviccdYy1SuRhtsLQ0yBoCkfiCjXBopgEm99BImeifB4x4RIpzuzRH2%2Fw09Q%2Ba%2BodDFaMpOfdR4A6UwOh6IMcElkkarREm3fCzg%2BbeLW6ec0QkX5gO88huTjVGc%2Fqt8hV5n%2FE%2FxH5GSOww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c9536407cc4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/css/style.css

188.114.97.1

200 OK

5.3 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/css/style.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
ASCII text, with very long lines (5658), with no line terminators
Size
5.3 kB (5308 bytes)
Hash
b210240980fa2c1d3b6ec6b2012f205f
9d223550718b9dc4159cff525b43335f987667f7
c992b5b88810d0b64b71632a512e010c5199c31cfcd32f078ed80d541e537911

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /css/style.css HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TmePSUiQt2dR%2BQWVCuzYEZOmMmr%2BO6ArYJmpPVxdgIt880SjaYqFdkpGHXKKSBT1j84MDWiNT9a7mrt1g3RlqaXwTBxQbVEOsGzMjIIGdrjz%2BU9i%2Fwua4Wn%2Fl9SoX6l8ahl%2FpCF0c7Yl5AdlYgmqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c9536407cc7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/images/favicon.ico

188.114.97.1

200 OK

4.5 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/images/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
PNG image data, 70 x 70, 8-bit/color RGB, non-interlaced\012- data
Size
4.5 kB (4454 bytes)
Hash
5fe97698c227d02ccb2284389b884175
b44c10d4a58ece5d6255775d85012f7c75ac6b2f
22a8e20cec6c4cd83c7446bfad7377d371a8a5b8d89bbdb74daa0dea2bcea549

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:47 GMT
content-type: image/x-icon
cache-control: public, max-age=2629000
expires: Thu, 25 May 2023 15:42:47 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joZLpkUu3Pm1Z3aRE0p1EfAlbApTw5bZxueCpMW%2FXrR49h8sn%2BqeV4qIZPi62BXU%2BTZGeg3JlWBTBbTFjHUjJozwgtR8dVIwnmgGnW4HyLZih%2BSQmbny04FwhUFcmf8FfTkJHiBkMfqxELHYSKk%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c953647fd95b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/js/bootstrap.min.js

188.114.97.1

200 OK

37 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/js/bootstrap.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
ASCII text, with very long lines (32039), with CRLF line terminators
Size
37 kB (37061 bytes)
Hash
35e78bb2df69fc12053f9778e2ff2a93
ae8c8a930fd890ee61a9c82a7e85dd22918db7a6
9c7467cb2e579a31a8c0ab41c8557559bf538340fbb8632f6aa2b977aa22bf0a

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NunOL67nxqG3JIUs%2FhYkeuB9nIzE99gQxmPZoCGzc5sgXGKWY6UsStqAY3BkTKFFZXWOKbtRl0RDgxtgwZjuYi%2BbyLZf8yx4xANRMPHEnRc%2BMC53AsVkPua43AsfDoNtKRqrsjbTDORnRo7MsfaqFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c9536407cc9b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

newyear2023.xn--napth-351b.vn/app/fifa-online-4

188.114.97.1

200 OK

22 kB

URL User Request GET HTTP/2
newyear2023.xn--napth-351b.vn/app/fifa-online-4
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type

Size
22 kB (22245 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /app/fifa-online-4 HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 May 2023 15:42:45 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuVFoTznkvkL7aDyaKXg8BwoHdSIeD7%2FsqgqMiXD7E0cuL5vF46tMpiP1RbchiMievF9LVQozpMztchyVZo5GTAXxhMMxgtB3DgEMqpAseHifIQw4Ae4azUHEghNPMdL6pD1OfUsrQ3WM8AAuLALhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c95363c5d060b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

newyear2023.xn--napth-351b.vn/js/jquery-3.2.1.min.js

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/js/jquery-3.2.1.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
ASCII text, with very long lines (32058), with CRLF line terminators
Size
87 kB (86661 bytes)
Hash
27a8f25e65bfe1872ebd62e021a0c6ca
9f835084914c0f4403a080fb7de4abe0d210adf8
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.2.1.min.js HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11S0NzJefCphQhk0PA%2FWM7Mn0IRovFHaKfaU8Lf8YJR2jTT%2B9BSUuqWed17nwxdUwjFNF%2BCCeMrsTKZAkYschUYFQ4crVm%2B4DLdhFmgKTrl2v9IK1SUSBVuoZBU52wtDPJTa26iuzLnDdibgSbZfDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c9536407cc8b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

cdn.jsdelivr.net/npm/sweetalert2@11

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
185.244.209.62:443
ASN
#58286 Electric-IT Business S.R.L.

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerSectigo Limited
Subjectcdn.jsdelivr.net
Fingerprint95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
ValiditySat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (43289)
Size
64 kB (64138 bytes)
Hash
c10306ea9c7731da5e8282aad988d42a
2f051222a227533c602d931af52fc78649fe0689
f40b487eeb315e2d23e335dd4b14626459f4836d8e05d9533b805db1cdb3fed6

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 May 2023 15:42:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 11.7.5
x-jsd-version-type: version
etag: W/"fa8a-LwUSIqInUzxgLZMa9S/Hhkn+Bok"
age: 1867
x-served-by: cache-fra-eddf8230029-FRA, cache-ams21057-AMS
x-cache: HIT, HIT
vary: Accept-Encoding, Accept-Encoding
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-05-05T12:24:56+00:00, 2023-05-18T14:24:02+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2

newyear2023.xn--napth-351b.vn/js/kensine.js

188.114.97.1

200 OK

101 kB

URL GET HTTP/3
newyear2023.xn--napth-351b.vn/js/kensine.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Certificate
IssuerLet's Encrypt
Subjectxn--napth-351b.vn
Fingerprint23:28:5B:99:D2:A9:20:FC:9B:56:54:D5:B1:BF:88:32:60:F7:BA:5A
ValiditySat, 29 Apr 2023 10:08:00 GMT - Fri, 28 Jul 2023 10:07:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
101 kB (101004 bytes)
Hash
08e463af2e6c57ce1f3e897d41886f30
3aab4b4023019ee6f4df0b804afa76efad8e7f1d
fd64d6b99d7adb77f3670043ff1db3729d758130e130c25702d74eccb67c5eb0

Detections

Analyzer	Verdict	Alert
openphish	Garena
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /js/kensine.js HTTP/1.1
Host: newyear2023.xn--napth-351b.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newyear2023.xn--napth-351b.vn/app/fifa-online-4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 May 2023 15:42:46 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Thu, 25 May 2023 15:42:46 GMT
last-modified: Mon, 31 Oct 2022 11:42:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccmWQ9UWSbAAtYBB7%2B6%2BS5UqvsGBLLnvutgNoPvpSdhncTuO6WHr3ARkVqhhgP5YcGVYwWzm%2BJMK3%2FB7NaJnNRVOMn%2FKYmUzkKfr4SzSit9GEyhKIbZL%2Fl4VgD6er3dbXRvloIMIF1dgpHzXCe9C%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c9536408cd2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type