r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69b2178640638b4eba96ce12799a69a5
38706b536d3425af21189f5a34475ad559b153b1
a7e485971a2d371fb4a9e9425c4199c8b0ecb6ba0a88e83ebb87688e42d18aef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7E485971A2D371FB4A9E9425C4199C8B0ECB6BA0A88E83EBB87688E42D18AEF"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16195
Expires: Fri, 09 Sep 2022 22:28:52 GMT
Date: Fri, 09 Sep 2022 17:58:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9229
Expires: Fri, 09 Sep 2022 20:32:46 GMT
Date: Fri, 09 Sep 2022 17:58:57 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 7e75f1d33397e6c61ad5e84596eee0b6
1753edef0e004feb0103184888d793777405c82b
a96d057749532cf5c2e5ad9c60961cafdd5ff9409cd87c0ced6d6dafc2b0bac0
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: 4exc8ABoswcQg3DLmwFj6rWETbk1hYhP1sjUnZzi7ylU77oTUg-Zaw==
content-encoding: gzip
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
content-length: 41851
date: Fri, 09 Sep 2022 17:47:02 GMT
age: 715
content-type: application/json
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 01:34:32 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zEQsYInIGh91Wx9osvPQfAcE5FDxY3Zwrc-scAyFjetJs616UuHVbg==
age: 59811
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 17:05:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F1WA4XZkRdmZ-J80ejiyFAGZFF_W29pIPFDOdHMOsN-TZQd0HdGNRg==
Age: 3184
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 17:58:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.pacoppp.com/register
103.118.81.153 200 OK 4.3 kB IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3a80e9df077736ca11c46af71b7a1958
f8f21ce9e0375c45ad62edbacaecd371a5c0d329
29fdbd5af00bcc37493ab1ce7206a17faa47437cf7d3cd27902395dd9b246070
Analyzer Verdict Alert fortinet Phishing
GET /register HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.33
Cache-Control: no-cache, private
Set-Cookie: lang=vi_VN; expires=Sun, 09-Oct-2022 17:58:57 GMT; Max-Age=2592000; path=/
laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D; expires=Fri, 09-Sep-2022 19:58:57 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 17:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 17:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 59d177843181882be7aa82ddfd108fff
01460b47b518d7fa007af1600e6d88273aa55ef7
ba85249815736235b7749889dec432db5c2223cf8c1158f4777ae5d127f924b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5775
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 17:58:58 GMT
Last-Modified: Fri, 09 Sep 2022 16:22:43 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.pacoppp.com/css/pacx/normalize.css
103.118.81.153 200 OK 2.0 kB URL HTTP/1.1 www.pacoppp.com/css/pacx/normalize.css
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with CRLF line terminators
Hash d49644e29e93f363230bcbcad1bf1fef
8ecda144351a5fd0b34ce4c792fa6bf65b65f002
f98dc8b0878be71e5cda3a2919a1c43779aee530faeaf5c8de067abe143e486e
GET /css/pacx/normalize.css HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:17 GMT
Vary: Accept-Encoding
ETag: W/"6166a7dd-1bfa"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
www.pacoppp.com/css/pacx/style.css
103.118.81.153 200 OK 8.1 kB URL HTTP/1.1 www.pacoppp.com/css/pacx/style.css
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 2cd4653900e745945389a4950a30958c
1e0bb3b3405ea659be0dd6b2a749051f5db3a5e4
b3370de989524227513e9e79494b5288dbcd2a239ea1dfebb4f0158da2cff3be
GET /css/pacx/style.css HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:57 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:16 GMT
Vary: Accept-Encoding
ETag: W/"6166a7dc-8afc"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 17:58:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 17:56:07 GMT
Expires: Fri, 09 Sep 2022 18:51:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: InIwqzQsWPQ75vEZ36Krr4fbNbpT1d_XTotSphGM8tfpkRUighd_ug==
Age: 171
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
52.35.120.198 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 52.35.120.198:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Fri, 09 Sep 2022 17:58:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
www.pacoppp.com/css/pacx/animate-custom.css
103.118.81.153 200 OK 8.1 kB URL HTTP/1.1 www.pacoppp.com/css/pacx/animate-custom.css
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (460)
Hash 88167eac6d6d43cb3042bd19b96ebfd3
b219d5580797381d74f4134e6f464aeea18b5d35
6c9202e82fde559bc5a087c9aa480ce67bab793ba318702888bb5c640ec51148
GET /css/pacx/animate-custom.css HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:15 GMT
Vary: Accept-Encoding
ETag: W/"6166a7db-1122b"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
www.pacoppp.com/js/sweetalert.min.js
103.118.81.153 200 OK 6.0 kB URL HTTP/1.1 www.pacoppp.com/js/sweetalert.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (16977), with no line terminators
Hash 7d8aa297999f680b1073a5dcf241a69f
06981023e50cf466c16a4439bc5c7009a24e2340
c4687fd4bd07b7ef833f8242a1eabe04809b7db2e4590b4e74e097ad6478121d
Analyzer Verdict Alert fortinet Phishing
GET /js/sweetalert.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 07:42:49 GMT
ETag: W/"5e980c79-4251"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/css/pacx/aos.css
103.118.81.153 200 OK 2.8 kB URL HTTP/1.1 www.pacoppp.com/css/pacx/aos.css
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (26053), with no line terminators
Hash c31f40627f9f3c89e290cdb4e68cdc51
63f855d0fda8ea3d7737c72a13cc5589f913f494
3624653d2e93a6e46fb6a457e71b0fd00e04c95534868f68012768b6783a2406
GET /css/pacx/aos.css HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:15 GMT
Vary: Accept-Encoding
ETag: W/"6166a7db-65c5"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
www.pacoppp.com/js/needlogin.js
103.118.81.153 200 OK 295 B URL HTTP/1.1 www.pacoppp.com/js/needlogin.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with CRLF line terminators
Hash cb7e4b6da0f8a19cb138bf87eb6cb563
982700eca78957ceddef0a658aec3a93c94afe68
b3af77a4cef91e931960a6127040e905df87965119ba20f597ad92bcd81e0237
Analyzer Verdict Alert fortinet Phishing
GET /js/needlogin.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 295
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 07:42:49 GMT
ETag: "5e980c79-127"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Accept-Ranges: bytes
www.pacoppp.com/js/pacx/aos.js
103.118.81.153 200 OK 4.9 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/aos.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (14239), with no line terminators
Hash c23c1631fb47d6fe2fb49cc40719d9fb
0d98f4089454421221504f47f43a7628c698d16a
8b7c154655749a716e4f7652455ad1709d354853685c8b3cbd628fbb2d474df6
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/aos.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:23 GMT
ETag: W/"6166a7e3-379f"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 17:58:58 GMT
Last-Modified: Fri, 09 Sep 2022 16:20:15 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.pacoppp.com/css/pacx/stylelogin.css?20200520
103.118.81.153 200 OK 1.1 kB URL HTTP/1.1 www.pacoppp.com/css/pacx/stylelogin.css?20200520
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with CRLF line terminators
Hash 831ed89fb5b3269fb77b9cfb9f1c9fa7
d02a87553ff6f2e3a712edc43bfdf19353d8efbc
862297e6f9d871100fb6b6439df33fbfc3512d656a49d741f61ec6990bd7322f
Analyzer Verdict Alert fortinet Phishing
GET /css/pacx/stylelogin.css?20200520 HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:17 GMT
Vary: Accept-Encoding
ETag: W/"6166a7dd-d12"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
www.pacoppp.com/js/pacx/cbpFWTabs.js
103.118.81.153 200 OK 755 B URL HTTP/1.1 www.pacoppp.com/js/pacx/cbpFWTabs.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
Hash 39e279b71987f0b1afbeabc9a77c193a
9cc47d84aa0fae8bd821db902c33e73a6e2b0734
f20bcb1672f04a48a3fa57ffd3b4861756579a9712d92f5f76a3af9511ee52d5
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/cbpFWTabs.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:25 GMT
ETag: W/"6166a7e5-6a3"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/bootstrap.min.js
103.118.81.153 200 OK 10 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/bootstrap.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (31650)
Hash 44f19dee8178b03d822741adec4bdb32
d508954d9a63020dbe7beb950a41ca5618b9a804
dba0c2195965133aea4d3317a2ca444e5cf1a794d9d9fb3768c8347eac200aef
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/bootstrap.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:22 GMT
ETag: W/"6166a7e2-7c4b"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/responsiveslides.min.js
103.118.81.153 200 OK 1.5 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/responsiveslides.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type HTML document, ASCII text, with very long lines (521)
Hash dc127018df50df3a684e92fcb6119eac
8f14648d09db01d6ddf7abe92c3053132eafe995
400215fff92a52e4d7514d71dc9fddb6bef2cdf4fa81c9000d262df1d64d4130
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/responsiveslides.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:23 GMT
ETag: W/"6166a7e3-d0e"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/waypoints.min.js
103.118.81.153 200 OK 2.9 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/waypoints.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (7808)
Hash b03b70a499190096f5efb60b25461455
69074f4813ee0a741ed9b7825319444bc11d36f1
a2fc39e0a136008961e162b6b8edc12269bd6d67a89e77d5212e4c9ba97dba83
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/waypoints.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:23 GMT
ETag: W/"6166a7e3-1f6c"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
push.services.mozilla.com/
35.163.196.193 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.196.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: b+Qh6RrafjnjWm4BWBxvwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mzyZlhR1PH3t5mMF/0oiRjTB4DE=
www.pacoppp.com/js/pacx/counterup.min.js
103.118.81.153 200 OK 585 B URL HTTP/1.1 www.pacoppp.com/js/pacx/counterup.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (917)
Hash d058c087e183c3569b693d3e458e0fd3
a84d33cd0b4e137572e8c147478ef13bba875811
be549f2ceab2eebb6c9202a74cb33dc97adb9ac2c2c1a4df8c43ae89780eaf44
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/counterup.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:22 GMT
ETag: W/"6166a7e2-42b"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/jquery-1.11.3.min.js
103.118.81.153 200 OK 39 kB URL HTTP/1.1 www.pacoppp.com/js/jquery-1.11.3.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (32038), with CRLF line terminators
Hash 77d99d50e929e672d70aa70d7ac89892
7a679f4a33cbe8a16ded73b3c8c57e4def882544
067531d08b9be972a52e2f69ce72edef33bbb2f58d9ebeb780989b800a50d537
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-1.11.3.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 07:42:47 GMT
ETag: W/"5e980c77-176da"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/jquery.chocolat.js
103.118.81.153 200 OK 3.3 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/jquery.chocolat.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type HTML document, ASCII text, with very long lines (455)
Hash bf1784f7615c0ff4e4224bf05d3a1e5b
ee1f4d9fba56a347db409097c40fdb572b1f3c29
493a8245d9e511a423f1326f912943993eb55e10df5027d1141f50d466e320f7
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/jquery.chocolat.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:24 GMT
ETag: W/"6166a7e4-27db"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/jquery.dropotron.min.js
103.118.81.153 200 OK 2.0 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/jquery.dropotron.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (5007), with CRLF, LF line terminators
Hash e292ccb5e68605624d6850a42b66bff0
8aca02297f3e8c99ef12843707a031086f32f910
a747d92829731629fdd3374a460b6ac6a5f16c9501c8fc17f3826550ef0017b6
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/jquery.dropotron.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:23 GMT
ETag: W/"6166a7e3-13f2"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/jquery.scrollex.min.js
103.118.81.153 200 OK 942 B URL HTTP/1.1 www.pacoppp.com/js/pacx/jquery.scrollex.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (2164), with CRLF line terminators
Hash 6cdbe9de40431ac0776e5cd1a1155b71
27e6657b26f548a1e38d7e5d535732612962116a
eccbec07f09ab080caf1e6df5297495a610b2afc302135787ed98152e3c8f571
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/jquery.scrollex.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:23 GMT
ETag: W/"6166a7e3-8d1"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/browser.min.js
103.118.81.153 200 OK 852 B URL HTTP/1.1 www.pacoppp.com/js/pacx/browser.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (1803), with CRLF, LF line terminators
Hash da66206e9b73b26f9991adaab6556982
eb6b544e3a208c0f5e3211c715b0a7bf13e8bf7e
35729c892fba369346a16a90d6bdeece778bc299e7e1513660009f18776c7c1a
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/browser.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:24 GMT
ETag: W/"6166a7e4-73b"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662728235783%22
143.204.55.115 200 OK 4.7 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221662728235783%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (22383), with no line terminators
Hash 90e1bf0435d3fc9cdd8cbddb727bfd8e
2407cc704a9ef59f21173df067db3c04a101d691
4ba87e3b4577fabcb0ec652fe8fd7a50558ace2c1b6afb9b3325339c328eea9a
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221662728235783%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 09 Sep 2022 12:57:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:01:57 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 17:02:01 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8R9eFgZSHnE4bxHJupGBwTzsTLpENrFdqR1IxBVdfWIV5giQsSbaKA==
Age: 3422
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662683838451&_since=%221653914271178%22
143.204.55.115 200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662683838451&_since=%221653914271178%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 17408c9519b5f281127b53ae1cdd2c1f
8437f3b97c662bc8526b86a747fa124638fdf424
843466bea7f6dafe736dd1475f8ac8fc055d1c0f08b34e80e9088b5cfac399f3
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1662683838451&_since=%221653914271178%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 09 Sep 2022 00:37:18 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:03:12 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YvPg6W-E3WIbpNSb7ZZdkxUohwRAJPa7cPsIwRHVKQeuCOya4VHOAg==
Age: 3538
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Abs6TF13baPKOllSy3QYmsHjBdMpRZ2ivoRXXdQOUUC3XSaK38cp8g==
age: 51145
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 17:05:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7kMmFA8Hm5R9y6-BECGMI0JL_k77FE9ZocD6nh2SBZOONo07Ah0AEQ==
Age: 3186
www.pacoppp.com/js/pacx/breakpoints.min.js
103.118.81.153 200 OK 875 B URL HTTP/1.1 www.pacoppp.com/js/pacx/breakpoints.min.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with very long lines (2387), with CRLF, LF line terminators
Hash a2220e106f4f8c46375b6d57b635793c
36d79073067f0c7646ddf4e0130205af60b793f8
137730699a4fddd18a340f4e402f2f268f89a99b6a05f22544a96a3a61351ec4
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/breakpoints.min.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:22 GMT
ETag: W/"6166a7e2-987"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
54.230.111.80 200 OK 796 kB URL HTTP/1.1 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin
IP 54.230.111.80:0
Size 796 kB (795699 bytes)
Hash 9b95765b0e26af76116a95a966d61354
3f7c1b40fc999b83f3696f455402e49ab484b027
34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 09 Sep 2022 01:19:03 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gtv8-_Bbe0_FNaSy6DqMV8x1rVpYFcuwCtBwepfcdF8pZ0Ttrpq4Aw==
Age: 59997
www.pacoppp.com/js/pacx/util.js
103.118.81.153 200 OK 3.9 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/util.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with CRLF line terminators
Hash 943eee1199ba919fae4d19489d554cd2
679b1c619ccadd8e10b58c6415d6d374b4c54682
ec7405661c3910df66c7cf7b2568448f70ad67dfc54cb0f9c299ff3db33b1025
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/util.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:22 GMT
ETag: W/"6166a7e2-31ae"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/js/pacx/main.js
103.118.81.153 200 OK 2.5 kB URL HTTP/1.1 www.pacoppp.com/js/pacx/main.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with CRLF line terminators
Hash ac7b04ae498747901aabe0d7e655d0d9
ad59a24a48365b244d962123e575e4e0c40a4c5e
ff57d2087b4d5eb538380026ba5a792cbee23be4492c31126076eb8764d4ec2e
Analyzer Verdict Alert fortinet Phishing
GET /js/pacx/main.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:24 GMT
ETag: W/"6166a7e4-1a7b"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
www.pacoppp.com/css/sweetalert.css
103.118.81.153 200 OK 4.5 kB URL HTTP/1.1 www.pacoppp.com/css/sweetalert.css
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type ASCII text, with CRLF line terminators
Hash 269004a217a8af1473c3dd7864fe435f
a69f6fb225eb36381643592a78e1e98d890b504f
5d7580762bd77f39fb1bbee9ebaeb5e4fbefda5271c43e63c1fb9de7fed2c80e
GET /css/sweetalert.css HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 07:42:42 GMT
Vary: Accept-Encoding
ETag: W/"5e980c72-5d06"
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
www.pacoppp.com/js/_common.js
103.118.81.153 200 OK 4.9 kB URL HTTP/1.1 www.pacoppp.com/js/_common.js
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type Unicode text, UTF-8 (with BOM) text, with very long lines (590), with CRLF line terminators
Hash 592b86907bfc1e940e05068faccf02ef
2fd9c95a749c4034cb0fa52bb6a7514271fa1a67
bce9b9483a3832a35d949367796d507787f6b64bbe999efbf45a68d94376aa4b
Analyzer Verdict Alert fortinet Phishing
GET /js/_common.js HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 May 2021 08:48:49 GMT
ETag: W/"60b4a2f1-2fc2"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662667723810&_since=%221654636467710%22
143.204.55.115 200 OK 5.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662667723810&_since=%221654636467710%22
IP 143.204.55.115:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6c049c24dc7ea534825179965a42363b
4b3b97ed48fb2644179fa793d67561c649a94e6b
97b6177c191e0f8292164981e0b59d0b61871358b3e4f190589df4427d12de22
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1662667723810&_since=%221654636467710%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 08 Sep 2022 20:08:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:26:03 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3jw9LnmyKw_kJ0pwBmmkC-ezhaDQ9rWxHyD6hbyB0_g22nBT36aQWA==
Age: 3398
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
143.204.55.115 200 OK 5.9 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Hash f28e40410916597002bfaca8b80cd143
386751dbd0839587f0be429fee8a33552d8d1d96
eb0711e7aa1efa94e639dac7b3f62f4c3f80cc0d6aa611a8f23c94876d58ec11
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 09 Sep 2022 17:02:54 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tJW8nCHML9q7NuK3NXSgOFOBNhfVojxg5dC6ZcEziAjLFPzGvYh6Qw==
Age: 3440
www.pacoppp.com/img/pacx/line.png
103.118.81.153 200 OK 4.8 kB URL HTTP/1.1 www.pacoppp.com/img/pacx/line.png
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type PNG image data, 267 x 68, 8-bit/color RGBA, interlaced\012- data
Hash 657da68076398e21739157f000e76f2b
19d4fae514a41cb98458d2a6be8db1359d39ce2d
aaaa9a9a9cfbe5c075220bda855a0bb55777242fe5faad24692aeb56689ed2b3
GET /img/pacx/line.png HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: image/png
Content-Length: 4849
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:02 GMT
ETag: "6166a7ce-12f1"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662595265893&_since=%221654732864402%22
143.204.55.115 200 OK 12 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662595265893&_since=%221654732864402%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (59437), with no line terminators
Hash 560aed9b73a92e921124c87033ed8aaf
0e98248b1797a143777a2e2e181527eb6a76655c
fbc2af995e8fc188d4fe6e2f239528ee98d944b173f1ab171b1d9b00cf719af7
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1662595265893&_since=%221654732864402%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 08 Sep 2022 00:01:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:51:12 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BQ0DkOJdxhOJ3nQ1pOBqRPzMdIvrIJQyIWjAFDunPh07F8Fnr_gh8Q==
Age: 918
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
143.204.55.115 200 OK 779 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (1392), with no line terminators
Hash feb548016d67969c8408dc4afd03a12e
9449c0b40446e2fff553406270b879b40c8bbd2a
4384cca875647f7bf975f9ac51298bbe5e632e54597284d0a6a49971bc8f2798
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:40:16 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EM3jp_R-3r7zFcGGpWw9w9vt8eSfIbj0CgghEOUO8rXbpdwavGpQlQ==
Age: 1196
firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
143.204.55.115 200 OK 3.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Hash cb546ddfc075945fc3edcc0a08714230
d0c184b28768e0b60712ebfb2a1d7efed49ec5e7
1140ff372948c06d0577eb7a7299c2d95c87b4d47839defef7307486f9f7ea21
GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:20:00 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qxq1DJvNufA4jYmkom5die2RzVOWwD4_lZ5hlXw7zwes6Du1GhnCsg==
Age: 2342
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
143.204.55.115 200 OK 3.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (14030), with no line terminators
Hash 9498433bbbcad841ef1b67c31e9e19f7
bc89dbd1261594949ebc09eb0978e22d14fb5c3f
01a250849ba7c6b099e5e2e85059f7657041d3997a5a0118b85aea782aa408b2
GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 09 Sep 2022 17:03:41 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y4_KEDQNEvF5PzAwHYtuouPwSqH5rl8FRZi10Rgb5Dd7MQx3UWc7lw==
Age: 3441
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
143.204.55.115 200 OK 681 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash 747f384efea12ce5dab98117b84a36d8
3bfa87d8ca19bf259e1b28f5d8484560bc4aa59f
674580bbd668da2fccee5bd78cd11bdb237a800ec945160353537b15c3e924f2
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 681
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, ETag, Last-Modified, Backoff, Cache-Control, Retry-After, Expires, Pragma, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sat, 03 Sep 2022 16:36:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store
Date: Fri, 09 Sep 2022 17:50:08 GMT
ETag: "1662223014803"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7IhfwsKK7H4zJDBqYtKJSi1YHBvGcJ9JD4M14LW-GCh9dpll08xEPQ==
Age: 531
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
143.204.55.115 200 OK 897 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (1710), with no line terminators
Hash 2ef700623eb0b783e8a583fb14fcbb80
c6b6cbb847d3a5e5c6d991c8d6dce6e9b9c902cf
b2a5ecbd87cc70c34c20d9470de54751cc1f48c8945e2239f12874ed35839983
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:43:03 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lpIgSM0f7wGSO18wYAs89UuE73nZLFEf3z6W_0tdZQdcCnoZWlz6_w==
Age: 1020
www.pacoppp.com/img/pacx/logo.png
103.118.81.153 200 OK 47 kB URL HTTP/1.1 www.pacoppp.com/img/pacx/logo.png
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type PNG image data, 284 x 183, 8-bit/color RGBA, interlaced\012- data
Hash b6493991775289475582e0e1cecd2b0a
5281b5f9adb7e40078ba1aa399ca7b43a8c2d7c8
a28668b2f58ce0d762e43444b3e753cb9184e32c17140f4d2c2d7df6ed35e727
GET /img/pacx/logo.png HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: image/png
Content-Length: 46669
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:02 GMT
ETag: "6166a7ce-b64d"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
143.204.55.115 200 OK 1.1 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (2195), with no line terminators
Hash ea7be8630c2ab64565dcf909ddd6b1e9
99b5c68aea2e5c3f498290bca5affa8c4d5ccaee
46a7bd4666db075b42064484105f0381c5cd8ff11ce5a9a555711ad03f83b38c
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 09 Sep 2022 17:26:11 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7EAehuppY3N6wa3INTdUsvOqn5L0ywofc8Xfmjd-bCFwWZWyyUUI9g==
Age: 2133
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8576
Expires: Fri, 09 Sep 2022 20:21:55 GMT
Date: Fri, 09 Sep 2022 17:58:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8576
Expires: Fri, 09 Sep 2022 20:21:55 GMT
Date: Fri, 09 Sep 2022 17:58:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8576
Expires: Fri, 09 Sep 2022 20:21:55 GMT
Date: Fri, 09 Sep 2022 17:58:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
143.204.55.115 200 OK 1.4 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (3677), with no line terminators
Hash 7c2cf5e6216dc47511f819acd70197a5
f8f556d7600b3e74941bc4d3100463e054879170
0b13a9837661102f8e1ee4647007e78ddff90738b62eeb2df69713ed0c2be6bd
GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Fri, 09 Sep 2022 17:48:28 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gCVydbI99VBC2E_3NZhe26TMFcJiIr3_fxbjpRtww4T0-wDb455oFA==
Age: 960
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8576
Expires: Fri, 09 Sep 2022 20:21:55 GMT
Date: Fri, 09 Sep 2022 17:58:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8576
Expires: Fri, 09 Sep 2022 20:21:55 GMT
Date: Fri, 09 Sep 2022 17:58:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 72803
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba8d1b764c2d18807caecb5ee1e046c0
c0e3d10ce67f77a92b54954410e30621af7ee87c
f558c4827c2edf896588b6e3f0b4f295269e95f86143b40729a7a2a5e1adbbb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9011
x-amzn-requestid: cf861da4-5f3b-43b8-931a-5285839c6301
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHFbOoAMFYVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-4cf2e37f5e762a557b081446;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wqcl8zkszPZhWjJ7mr_p82IRaNzU2vMV3wtipUYgRaL7Vj3ntmYYqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:47:07 GMT
age: 72712
etag: "c0e3d10ce67f77a92b54954410e30621af7ee87c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:15:21 GMT
age: 71018
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: eaf81b32-3b53-4e89-a9d0-943bc9f9982f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0j0QFhxoAMF-Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b34e-114287d30092033a2b54ec01;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:39:58 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: _mlXN3nJ7ZPcUDWIqqiv2CB6dkSJ2Y-AZIXNs4xOj18ZX6DYMdhXAA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:19 GMT
age: 72760
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76 200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 48399
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 70347
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.pacoppp.com/img/pacx/favicon.png
103.118.81.153 200 OK 11 kB URL HTTP/1.1 www.pacoppp.com/img/pacx/favicon.png
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type PNG image data, 185 x 185, 8-bit/color RGBA, interlaced\012- data
Hash 15dca103def5f4cc851290a9ae74582f
58776d00cb0a7ddb972aceaa27d666efb70de67e
6c00b0a04a911716e75cf02c3314621e90bf6bc9fa4d79ca0791187f6315bb38
GET /img/pacx/favicon.png HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: image/png
Content-Length: 11350
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:01 GMT
ETag: "6166a7cd-2c56"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Accept-Ranges: bytes
www.pacoppp.com/img/pacx/login-bg.jpg
103.118.81.153 200 OK 311 kB URL HTTP/1.1 www.pacoppp.com/img/pacx/login-bg.jpg
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1668, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2501], baseline, precision 8, 1680x960, components 3\012- data
Size 311 kB (311383 bytes)
Hash eddba1fae6dbb464823d86e3fc00db1a
b1d729182ffe09e409aec794db0875b61409836f
7ec95b908f960dc3cc196260cf9ff5007e710b5ed630e254db7b6f509977b3eb
GET /img/pacx/login-bg.jpg HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/css/pacx/style.css
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:58:59 GMT
Content-Type: image/jpeg
Content-Length: 311383
Connection: keep-alive
Last-Modified: Wed, 13 Oct 2021 09:33:01 GMT
ETag: "6166a7cd-4c057"
Strict-Transport-Security: max-age=31536000
GP-Cache-Status: HIT
Accept-Ranges: bytes
www.pacoppp.com/captcha/?rand=0.49476586982064064
103.118.81.153 200 OK 6.8 kB URL HTTP/1.1 www.pacoppp.com/captcha/?rand=0.49476586982064064
IP 103.118.81.153:0
ASN #137962 GREYPANEL PTE LTD
File type PNG image data, 120 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ee0eb9c158731047419789a25265c9c
4ec459eaf550b9ec7d8e1f40d93be625e7f5b0e6
c926030f711edf22d159f67cfe78cf2e1b2b6cd1cded339abbfbab10d1cb3bff
Analyzer Verdict Alert fortinet Phishing
GET /captcha/?rand=0.49476586982064064 HTTP/1.1
Host: www.pacoppp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.pacoppp.com/register
Cookie: lang=vi_VN; laravel_session=eyJpdiI6IjZIM0lvTWdYN0Z2YkFRRDhcL0l4WFVBPT0iLCJ2YWx1ZSI6InRseElQenU0dmxrUWN3YmI3U1hrRHo4ZDVYcDZIOHl4WWNsTjBDZXVubzFwK1N1Z3N4dHh6cWpPb1wvSzVpZ2hmYTlhV1wvNWFJXC85QTdPUWpYcGxaZkl3PT0iLCJtYWMiOiI2OTdjODRlY2QxNmRiMTQ0ZDA3MDkxZTY2ZWVlZWI0NmUyOWNmNzdhZTM4MDg5OTg4ZDRkNDJlMmYxMDMzNjdhIn0%3D
HTTP/1.1 200 OK
Server: openresty/1.19.9.7
Date: Fri, 09 Sep 2022 17:59:01 GMT
Content-Type: image/png
Content-Length: 6830
Connection: keep-alive
X-Powered-By: PHP/7.0.33
Cache-Control: no-cache, private
Set-Cookie: lang=vi_VN; expires=Sun, 09-Oct-2022 17:59:01 GMT; Max-Age=2592000; path=/
laravel_session=eyJpdiI6IkY1MFBWK05nc0JINXp2Q2NIbExyV3c9PSIsInZhbHVlIjoiZlVYWmVaNW1ORnZ1MW0rcWJ0NDlaN3BhZzQrUkFIR2ZvVFRjMzJlRWVnUXZnaUdXYkR1MlFFR0pDMDB6TjlIalplS0dhbTVMQjFrUDhtZHAxTFA3eHc9PSIsIm1hYyI6ImI0ODMwNjZlZTlhMzA1MTlhMmIyNGRlNGQ3YTgxN2ZmYmUwNWM0NDM3ZWRkZTE2YzQ1MjMyODk1MWU1NWFlM2MifQ%3D%3D; expires=Fri, 09-Sep-2022 19:59:01 GMT; Max-Age=7200; path=/; httponly
Strict-Transport-Security: max-age=31536000
fonts.googleapis.com/css?family=Be+Vietnam&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Be+Vietnam&display=swap
IP 142.250.74.10:0
GET /css?family=Be+Vietnam&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.pacoppp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 17:58:58 GMT
date: Fri, 09 Sep 2022 17:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Quicksand:wght@300;700&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Quicksand:wght@300;700&display=swap
IP 142.250.74.10:0
GET /css2?family=Quicksand:wght@300;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.pacoppp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 17:58:58 GMT
date: Fri, 09 Sep 2022 17:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2