Report - pardaisybrohnny.com/fbfcf386-ecea-4cbb-983c-d52a7e83d016

Report Overview

Submitted URL
pardaisybrohnny.com/fbfcf386-ecea-4cbb-983c-d52a7e83d016
IP
18.196.84.70
ASN
#16509 AMAZON-02
Submitted
2023-03-30 04:55:16
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.4 kB	6.2 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	1.7 kB	3.5 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.8 kB	59 kB	34.120.237.76
pardaisybrohnny.com	unknown	2023-03-09T09:24:16Z	2023-03-31T06:08:15Z	387 B	736 B	18.196.84.70
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	873 B	2.2 kB	142.250.74.106
rtpfortun.top	unknown	2023-03-28T20:08:41Z	2023-03-30T05:10:48Z	7.6 kB	1.2 MB	103.164.173.2
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	484 B	20 kB	216.58.207.227
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-30 04:55:30	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	rtpfortun.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3	118 kB	2023-03-14	2024-01-06
Pretty URL rtpfortun.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 06:08:00 Last Seen2024-01-06 03:24:59 Times Seen212 Hash 81122fb44af0fdc9adbcd3eb69413e25 1c59a33a7aef5f146c619c085e5e50319def1c6b b9507c103034b9303d50640dcd434f64c96a65d68e683a8670476b2f582db0f4 Loading...

	rtpfortun.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4	4.4 kB	2023-03-07	2024-04-03
Pretty URL rtpfortun.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:06 Last Seen2024-04-03 12:36:06 Times Seen397 Hash 0ff2a510dfadd3947f3aabe1686e38fc a7f6cff6c7dcfac41b9d5885d2305165f700bb30 2018b22912cd7897fef48bb1e0fbea67125f5a5f15a2c23714ad18431ddb6513 Loading...

	rtpfortun.top/	441 B	2023-04-01	2023-04-01
Pretty URL rtpfortun.top/ IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:36:29 Last Seen2023-04-01 10:36:29 Times Seen1 Hash ac63f9e7c7bc669890675a81f5f26ac8 12e8f0c313ae18eacd9e322f2b5854128d4b931d 24276bd9920d102529828d99865d6adf602bf7575be303165d42abd6fdd92e3c Loading...

	rtpfortun.top/	2.2 kB	2023-04-01	2023-04-21
Pretty URL rtpfortun.top/ IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:36:29 Last Seen2023-04-21 00:30:57 Times Seen9 Hash c7e7643bf87eaea6313e67c4d37b44d0 395c93fac62265a35e55db2e23571fba23fc69ae 59eb8fae5c0218ff38b288f2d8468698a74bae839d38782e596d28548c583fac Loading...

	rtpfortun.top/wp-includes/js/wp-emoji-release.min.js?ver=6.2	19 kB	2023-03-14	2024-04-18
Pretty URL rtpfortun.top/wp-includes/js/wp-emoji-release.min.js?ver=6.2 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:30:15 Last Seen2024-04-18 15:36:02 Times Seen1703 Hash 4cc444663c1e69cb8ac7b909e7192bca d00ddc5b9526193fa99bc3995a6d05f995452ea1 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Loading...

	rtpfortun.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.3	90 kB	2023-03-29	2024-04-26
Pretty URL rtpfortun.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.3 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:52:25 Last Seen2024-04-26 13:31:33 Times Seen102886 Hash 0e850a69bc7fd0acc2e92ce6eee87959 8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Loading...

	rtpfortun.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0	13 kB	2023-03-07	2024-04-26
Pretty URL rtpfortun.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 IP 103.164.173.2 ASN #138131 CV. NATANETWORK SOLUTION Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2024-04-26 13:31:33 Times Seen76210 Hash 5cfa2b481de6e87c2190a0e3538515d8 0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Loading...

HTTP Transactions (45)

	URL	IP	Response	Size
	pardaisybrohnny.com/fbfcf386-ecea-4cbb-983c-d52a7e83d016	18.196.84.70	302	0 B
URL HTTP/1.1 pardaisybrohnny.com/fbfcf386-ecea-4cbb-983c-d52a7e83d016 IP 18.196.84.70:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /fbfcf386-ecea-4cbb-983c-d52a7e83d016 HTTP/1.1 Host: pardaisybrohnny.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Server: nginx Date: Thu, 30 Mar 2023 04:55:05 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://rtpfortun.top Pragma: no-cache Set-Cookie: fbfcf386-ecea-4cbb-983c-d52a7e83d016-v4=RoMwlLZcFaWdrZGpVC1Oh4-x5NVe_LyhyFF-jKthQmk; Max-Age=86400; Expires=Fri, 31-Mar-2023 04:55:05 GMT; Domain=pardaisybrohnny.com; Path=/; HttpOnly cc-v4=tf02iZzsqPQiLIZ8EZDRcg%2FMD8BiFIqoSEecJ61AR2LV4MkBtog79nQG3zJ9G7TWh%2BHQRKxrN6brJh5%2FJgn7BMOdSN0pZgjh5iKubW4F5uURcJi8qUvq%2BXLtO3SqtuUbnFC2Zcp%2BMHTc66jMFCszuQ%3D%3D; Max-Age=31536000; Expires=Fri, 29-Mar-2024 04:55:05 GMT; Domain=pardaisybrohnny.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7af19a5145a4ee99bdf18831bad04bfd 7bdd2a4785b999ef54a2644211d2b2b7190fb8e1 3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0" Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12154 Expires: Thu, 30 Mar 2023 08:17:39 GMT Date: Thu, 30 Mar 2023 04:55:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cca063332ba9a89eadd62a8dd7f81a9b d473b2a7a32c964599ff3bac8f98fa578f03d1d1 02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC" Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10666 Expires: Thu, 30 Mar 2023 07:52:51 GMT Date: Thu, 30 Mar 2023 04:55:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c0d9353dc46e88bf564ed464b0b073c7 0b5ce170e7db24267a3ba5b79a48548b1acd2e5b 7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B" Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9356 Expires: Thu, 30 Mar 2023 07:31:01 GMT Date: Thu, 30 Mar 2023 04:55:05 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 30 Mar 2023 04:16:03 GMT content-type: application/json age: 2342 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: hV70znr8RvVasjAmbokn2keC2LfrYK6Yn1x+HqgS09pbh/PzK+IMI92T4Oaa/lwhh5BNExpumTY= x-amz-request-id: 0NDCTPC0Q7T6G9NN x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 30 Mar 2023 03:56:53 GMT age: 3492 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 30 Mar 2023 04:55:05 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ae064c74a3769d42109473ad05d56fb9 d48029ab8568cee6ab7416d3b476ed792d780a56 9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F" Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10437 Expires: Thu, 30 Mar 2023 07:49:03 GMT Date: Thu, 30 Mar 2023 04:55:06 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 30 Mar 2023 04:14:37 GMT age: 2429 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: iDVpL3cF1xHLauRnlGgP2Q== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: J5jIPxXB6Lkf6upXYeTFp50by8E= Date: Thu, 30 Mar 2023 04:55:06 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d4fd78e1925a923742815feb55c9dab0 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:55:07 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d4fd78e1925a923742815feb55c9dab0 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:55:07 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3	142.250.74.106	200 OK	962 B
URL HTTP/2 fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3 IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 962 B (962 bytes) Hash 3e7bd2055e000999cd5567368cf7ffce ba64f066c69d0718b7cfd0174189487da4b044e4 e6858d44025d481e5545ec689a54d13eedead62d8efb1f1dbd9f2f8b12c56256 HTTP Headers `GET /css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500&ver=1.7.3 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 30 Mar 2023 04:55:07 GMT date: Thu, 30 Mar 2023 04:55:07 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	rtpfortun.top/wp-includes/css/dist/block-library/style.min.css?ver=6.2	103.164.173.2	200 OK	12 kB
URL HTTP/2 rtpfortun.top/wp-includes/css/dist/block-library/style.min.css?ver=6.2 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (48325) Size 12 kB (11775 bytes) Hash fb05a8ae8ff95ea8671cff40c8e4257a bf789c9a9aab56db81228e014d8ac6e9181662a2 0cb24d73e4771cd2aed7def8d78a9cf4ee0cef2b11e013063ae143b2c92379f7 HTTP Headers `GET /wp-includes/css/dist/block-library/style.min.css?ver=6.2 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: text/css last-modified: Thu, 30 Mar 2023 00:43:45 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 11775 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-includes/css/classic-themes.min.css?ver=6.2	103.164.173.2	200 OK	164 B
URL HTTP/2 rtpfortun.top/wp-includes/css/classic-themes.min.css?ver=6.2 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 164 B (164 bytes) Hash a2f035523ba70ab96b14b875c7ea5888 b1e5e5438705e74504518e063968f08d942452f2 fbceaa642928cb3e56620d736953cc8de36fef97ced4039097febb18f97aae70 HTTP Headers `GET /wp-includes/css/classic-themes.min.css?ver=6.2 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: text/css last-modified: Thu, 30 Mar 2023 00:43:45 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 164 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-includes/js/wp-emoji-release.min.js?ver=6.2	103.164.173.2	200 OK	4.7 kB
URL HTTP/2 rtpfortun.top/wp-includes/js/wp-emoji-release.min.js?ver=6.2 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (15718) Size 4.7 kB (4651 bytes) Hash 1505054298424e604b5a09a42b050933 f77b8b02bb85b5aed0a54b51f8a362d789e0f6eb 9188acf1ae00bf1c2c8eff30a0a4f322dd71061dc3d4cb913a4280d83022f233 HTTP Headers `GET /wp-includes/js/wp-emoji-release.min.js?ver=6.2 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: application/javascript last-modified: Thu, 30 Mar 2023 00:43:45 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 4651 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4	103.164.173.2	200 OK	994 B
URL HTTP/2 rtpfortun.top/wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (1739) Size 994 B (994 bytes) Hash b97b5513c9dc6e7e8b1edea9124462aa dd7615b94eee6187555a912d3251fbcd046c88f3 6e5e155425f345ad92ff1499085e1ab0a8728bc51d2b8f4c779429921190493a HTTP Headers `GET /wp-content/uploads/popularfx-templates/conceptial/style.css?ver=1.2.4 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: text/css last-modified: Fri, 29 Oct 2021 09:03:48 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 994 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/themes/popularfx/sidebar.css?ver=1.2.4	103.164.173.2	200 OK	2.1 kB
URL HTTP/2 rtpfortun.top/wp-content/themes/popularfx/sidebar.css?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 2.1 kB (2079 bytes) Hash 62416500b0cbbba154e971a4b6b03785 0c32dd557ca71e320e122474706e674e2214a598 783f6f461f167189cca10f5683fb1045eacf6c0255d8ee80302db6d13ebaa46e HTTP Headers `GET /wp-content/themes/popularfx/sidebar.css?ver=1.2.4 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: text/css last-modified: Wed, 15 Dec 2021 05:31:38 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 2079 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.3	103.164.173.2	200 OK	30 kB
URL HTTP/2 rtpfortun.top/wp-includes/js/jquery/jquery.min.js?ver=3.6.3 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (65447) Size 30 kB (30376 bytes) Hash edd33e7444ef66e0552f7e2becaf81cd 4b84a041981fff16d9450af2544299152961095c d83841e9d909efd5f1abe66e214968372f96a292e355db980bb2b3e0115ec903 HTTP Headers `GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.3 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: application/javascript last-modified: Thu, 30 Mar 2023 00:43:45 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 30376 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0	103.164.173.2	200 OK	4.6 kB
URL HTTP/2 rtpfortun.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text, with very long lines (13326) Size 4.6 kB (4603 bytes) Hash 568016071783b5bf3c5258bf25f7b8a8 8906e1f88561cace5403446edbb94d6ac6b84928 a31775416df1c287f423ade3554bf255281a718a3fe4193aff196a46532ccb09 HTTP Headers `GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: application/javascript last-modified: Thu, 30 Mar 2023 00:43:45 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 4603 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4	103.164.173.2	200 OK	1.5 kB
URL HTTP/2 rtpfortun.top/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type ASCII text Size 1.5 kB (1529 bytes) Hash b551d4719e5bae3fe592fed521640655 09e3ef26d9f743221b03d7ca06434c0b6efcaed7 0f11ffb9985542721627f695ed0261cb5ef8466c1fc95cc13fdc3783516e7eda HTTP Headers `GET /wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: application/javascript last-modified: Wed, 15 Dec 2021 05:31:38 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 1529 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/uploads/2023/03/cooltext432439744754654.png	103.164.173.2	200 OK	7.9 kB
URL HTTP/2 rtpfortun.top/wp-content/uploads/2023/03/cooltext432439744754654.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 972 x 53, 8-bit/color RGBA, non-interlaced\012- data Size 7.9 kB (7898 bytes) Hash fd0af6fd537baa52534458ddf8d3e8dd f3233f89d01f772255bee3655fa14d28462a8f70 8927e2d9c6bcd816de094e05483f548ce2ade6bea9c409f95b6c5984c04379b5 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext432439744754654.png HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: image/png last-modified: Sat, 25 Mar 2023 12:50:27 GMT accept-ranges: bytes content-length: 7898 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/uploads/2023/03/cooltext432439735470983.png	103.164.173.2	200 OK	6.7 kB
URL HTTP/2 rtpfortun.top/wp-content/uploads/2023/03/cooltext432439735470983.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 573 x 53, 8-bit/color RGBA, non-interlaced\012- data Size 6.7 kB (6710 bytes) Hash 2c3a8e4bd08a7367f22a681421ca510a 29b3a0db948ca08dce580b57411bd6a60869578f 3e12f95119faef3dda142bcb0a4996ee849b0d822e53b5d3749f37c600d71081 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext432439735470983.png HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: image/png last-modified: Sat, 25 Mar 2023 12:50:27 GMT accept-ranges: bytes content-length: 6710 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/uploads/2023/03/cooltext432439701551363.png	103.164.173.2	200 OK	6.4 kB
URL HTTP/2 rtpfortun.top/wp-content/uploads/2023/03/cooltext432439701551363.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 653 x 53, 8-bit/color RGBA, non-interlaced\012- data Size 6.4 kB (6361 bytes) Hash bc8039f0f0b799736f64af71e36fea7b 9aa4572d7cfe876f29c7ba765aa7a1c2e09b4f73 888cd84eb1070239c0e000703e461a355d86be201167a64c11d5d1d25aceaf10 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext432439701551363.png HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: image/png last-modified: Sat, 25 Mar 2023 12:50:27 GMT accept-ranges: bytes content-length: 6361 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 21966d424aed17f9af10f69f1cb82860 87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be 6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:55:07 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 21966d424aed17f9af10f69f1cb82860 87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be 6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:55:07 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	rtpfortun.top/wp-content/plugins/pagelayer/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium&ver=1.7.3	103.164.173.2	200 OK	72 kB
URL HTTP/2 rtpfortun.top/wp-content/plugins/pagelayer/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium&ver=1.7.3 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type data Size 72 kB (71641 bytes) Hash c51254a15f99a011287c129d30a26d06 14f6a7f9e27a71d4284ffff8efe036976541d7ad 9010b1b0aadb3083a027d74dc7e6cca878d9849897319fa31b7ae2956db295d3 HTTP Headers GET /wp-content/plugins/pagelayer/css/givecss.php?give=pagelayer-frontend.css%2Cnivo-lightbox.css%2Canimate.min.css%2Cowl.carousel.min.css%2Cowl.theme.default.min.css%2Cfont-awesome5.min.css&premium&ver=1.7.3 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/css; charset: UTF-8;charset=UTF-8 cache-control: must-revalidate last-modified: Fri, 05 Aug 2022 00:55:00 GMT vary: Accept-Encoding content-encoding: gzip date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2	216.58.207.227	200 OK	19 kB
URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data Size 19 kB (19292 bytes) Hash 19007b17e56daa60133bce9e9b352a95 bac1384caeae5762e7a1d8c18037f69c8cd21bc4 fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546 HTTP Headers `GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rtpfortun.top Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 19292 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:27:23 GMT expires: Sat, 23 Mar 2024 10:27:23 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:12:54 GMT content-type: font/woff2 age: 498464 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 21966d424aed17f9af10f69f1cb82860 87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be 6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 30 Mar 2023 04:55:07 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17019 Expires: Thu, 30 Mar 2023 09:38:46 GMT Date: Thu, 30 Mar 2023 04:55:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17019 Expires: Thu, 30 Mar 2023 09:38:46 GMT Date: Thu, 30 Mar 2023 04:55:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17019 Expires: Thu, 30 Mar 2023 09:38:46 GMT Date: Thu, 30 Mar 2023 04:55:07 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg	34.120.237.76	200 OK	8.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.8 kB (8795 bytes) Hash d1e861b518e06e17ce657c5f9fc15daf 214322b88798120159ab55c7121c8775727b8fc7 3438eb2b7e18d784416c139b42c036eefff3759602e4ce553815c628e1cb5016 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8795 x-amzn-requestid: 33d91f7c-7d04-405b-8060-33e438ed09f6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkAz2GwKoAMFW5A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424ae7e-54ba3517206ac61c50167c3e;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: nORkLBTHqZ_ZrUuEkg9BcVT2TJzP7OLBRQtfUUzRgvwP9Q9dZtMFbg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:44:50 GMT etag: "214322b88798120159ab55c7121c8775727b8fc7" content-type: image/jpeg age: 25817 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10271 bytes) Hash 424b55535e5fd622b2fc96aac1246324 cf7cf08aa8969a86bf03695af2129686fd62fe86 c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10271 x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkBoXGh5oAMFfzw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 6lKfWQ4mVZdKDpPhp9KzllP2eyH03CsFufQxXVTUZ1s1t1gQs1OUFA== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:44:50 GMT age: 25817 etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg	34.120.237.76	200 OK	5.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.1 kB (5108 bytes) Hash aa4bea27e3e3b648176b5d87c919422d 1aa537444512644c9e5ddbb732cb310e5d3f3a26 28706ef531eabf37199ce8160884b6abe9220809e6217000883a0d9f0a23e93d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5108 x-amzn-requestid: 8d187151-2480-477a-82d9-fa5c96dd61db x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkA6THX9IAMFhrw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424aea7-5e5a11746610faac7bb883bb;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:28 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: Ge8akB_ayFSkKRL3ertvjT30SXu44y88zNfoxDCmaqjfeshVRRTQTw== via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:44:50 GMT etag: "1aa537444512644c9e5ddbb732cb310e5d3f3a26" content-type: image/jpeg age: 25817 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8560 bytes) Hash c3261e7e3ac917fa959fcf8648c3ab98 bb4ef5a29187d75c97ef3f7a5672ccb009791561 4070b831a379ae1ed187a03b479460842cb2ece90d77c30fc6fc4517bc76f3b5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F880692f5-03f5-4540-ad20-5c8bd8336833.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8560 x-amzn-requestid: 5f1fbb58-48aa-430f-a132-0e7057e159c1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CewdRFeIoAMF-uQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64229454-40f85a155c9e623374d21bb8;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 07:16:36 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: nyhw0gOUkvg7zzOBejYRXvDhs-rf8IRF9xFxeMWZYCX_iNq_JA8d4A== via: 1.1 f3802d173009698413044360f84de06c.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 07:36:07 GMT age: 76740 etag: "bb4ef5a29187d75c97ef3f7a5672ccb009791561" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg	34.120.237.76	200 OK	5.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.4 kB (5395 bytes) Hash 76c71571a378e261334e5acb723634ab f1234c280364b6fe1dcf9c6c64edadc235108c4b 97544d600ab1ae204b169c3b7ba2a74df689b6c711a003d72f0934165d8a3e25 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5395 x-amzn-requestid: ff3218dc-8754-4568-8e42-0885cb7e5d06 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkA0BFYNoAMF80w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424ae7f-127129cf3776a60c333d205c;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: ayBzSVUrRznKMPzI1JYvj1ikLo-arbVQUxdEZDM7KYHWyL2cwT10tA== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:45:03 GMT etag: "f1234c280364b6fe1dcf9c6c64edadc235108c4b" content-type: image/jpeg age: 25804 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4549 bytes) Hash 2021c271f9290204bd14cd2a3a1680fc 39b68cbcaba381d63dc67bc289fb67c849adb9ff a84c5dd1e52d7cd535e04cb455891a1442000eb0e4381031c976b4cf3be96f2f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2075fc9-4e24-4d01-853a-8aa29cb2b832.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4549 x-amzn-requestid: 70e07309-5fc5-4307-b455-29a187eae0d6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CkBoBHFFoAMFx5Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6424afcc-298f18fd0cf0b37465a74c13;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:20 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: kbG1Llnn0Elhz5ItoJyufkUgoB5FhmvLpk2oQox2HPnSHeBfCOuXXw== via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 21:44:50 GMT age: 25817 etag: "39b68cbcaba381d63dc67bc289fb67c849adb9ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	rtpfortun.top/wp-content/uploads/2023/03/Cool-Text-DEPOSIT-REKENING-BANK-PULSA-EWALLET-DAN-QRIS-432440065079575.png	103.164.173.2	200 OK	198 kB
URL HTTP/2 rtpfortun.top/wp-content/uploads/2023/03/Cool-Text-DEPOSIT-REKENING-BANK-PULSA-EWALLET-DAN-QRIS-432440065079575.png IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type PNG image data, 3319 x 226, 8-bit/color RGBA, non-interlaced\012- data Size 198 kB (198002 bytes) Hash b8e91af3140265f47697c6cfa77e43a6 d9fd70976952984affe170162d5762f3d8e08062 9e7a74e36798d36d082cdf8da94072e0737f35c1cce9b5c6b527650ac5c65f97 HTTP Headers `GET /wp-content/uploads/2023/03/Cool-Text-DEPOSIT-REKENING-BANK-PULSA-EWALLET-DAN-QRIS-432440065079575.png HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: image/png last-modified: Sat, 25 Mar 2023 12:58:21 GMT accept-ranges: bytes content-length: 198002 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/uploads/2023/03/cooltext432439902051234.gif	103.164.173.2	200 OK	274 kB
URL HTTP/2 rtpfortun.top/wp-content/uploads/2023/03/cooltext432439902051234.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 826 x 112\012- data Size 274 kB (274260 bytes) Hash 75611ecd71a233de6aae390df5db609a f133f6fb348dac707eb26edd84d56d5a85f7c2c7 90972f0a57dd355372a32b744d4ff7d61801a299d9b6580e92443505113e36e0 HTTP Headers `GET /wp-content/uploads/2023/03/cooltext432439902051234.gif HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: image/gif last-modified: Sat, 25 Mar 2023 12:53:51 GMT accept-ranges: bytes content-length: 274260 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	rtpfortun.top/wp-content/uploads/2023/03/fortungif2.gif	103.164.173.2	200 OK	554 kB
URL HTTP/2 rtpfortun.top/wp-content/uploads/2023/03/fortungif2.gif IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type GIF image data, version 89a, 480 x 720\012- data Size 554 kB (553973 bytes) Hash b61d58375f79523dd9313cdcc6c64737 130fb2cc591caef761c7e41ccf41eebcde513b82 532d2f1ad21f443cd7e05b58e26bdc1a96e49a065ca8b6fbd1063cc287fa6913 HTTP Headers `GET /wp-content/uploads/2023/03/fortungif2.gif HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Thu, 06 Apr 2023 04:55:07 GMT content-type: image/gif last-modified: Sat, 25 Mar 2023 12:54:30 GMT accept-ranges: bytes content-length: 553973 date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4239dcf-d6d6-4801-9d16-74b0d7e5d075.jpeg	34.120.237.76	200 OK	9.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4239dcf-d6d6-4801-9d16-74b0d7e5d075.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.1 kB (9083 bytes) Hash be355ca6d4b70b5457e2fc2317981a07 4d01d9eb4d5723683e0828ce06c6e99a9bf1423b b961abfcead09f78f25117acb48464829e45c5bafa0f0e6244e2520ffbdb62cb HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4239dcf-d6d6-4801-9d16-74b0d7e5d075.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 9083 x-amzn-requestid: 0c03f8b3-4d84-439f-8ce6-3560337d0d6a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CewbkHQdIAMF0Qw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64229449-14cb7d6e0ddf3f144c976adb;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 07:16:25 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Ts8HQx2z7zd4W2GTsd2TXYlG7Zhul537x_ZpyWQBMXnncfqXV9aObw== via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 07:32:17 GMT age: 76977 etag: "4d01d9eb4d5723683e0828ce06c6e99a9bf1423b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	rtpfortun.top/	103.164.173.2	200 OK	0 B
URL HTTP/2 rtpfortun.top/ IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/html; charset=UTF-8 link: <https://rtpfortun.top/wp-json/>; rel="https://api.w.org/", <https://rtpfortun.top/wp-json/wp/v2/pages/31>; rel="alternate"; type="application/json", <https://rtpfortun.top/>; rel=shortlink content-encoding: br vary: Accept-Encoding date: Thu, 30 Mar 2023 04:55:06 GMT server: LiteSpeed alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" X-Firefox-Spdy: h2

	fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500	142.250.74.106	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500 IP 142.250.74.106:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css?family=Muli%3A400%2C500%2C600%7CQuestrial%3A400%2C500 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://rtpfortun.top Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 30 Mar 2023 04:55:07 GMT date: Thu, 30 Mar 2023 04:55:07 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	rtpfortun.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3	103.164.173.2	200 OK	0 B
URL HTTP/2 rtpfortun.top/wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 IP 103.164.173.2:0 ASN #138131 CV. NATANETWORK SOLUTION File type Size 0 B (0 bytes) Hash HTTP Headers GET /wp-content/plugins/pagelayer/js/givejs.php?give=pagelayer-frontend.js%2Cnivo-lightbox.min.js%2Cwow.min.js%2Cjquery-numerator.js%2CsimpleParallax.min.js%2Cowl.carousel.min.js&premium&ver=1.7.3 HTTP/1.1 Host: rtpfortun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rtpfortun.top/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK x-powered-by: PHP/7.4.33 content-type: text/javascript; charset: UTF-8;charset=UTF-8 cache-control: must-revalidate last-modified: Tue, 07 Feb 2023 06:13:44 GMT vary: Accept-Encoding content-encoding: gzip date: Thu, 30 Mar 2023 04:55:07 GMT server: LiteSpeed X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL HTTP/1.1

IP

ASN

File type