r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14505
Expires: Tue, 13 Dec 2022 02:08:28 GMT
Date: Mon, 12 Dec 2022 22:06:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b8fe6ec1ac390bc5b90b68b0e3005299
4ce20d527fcc93a2a6d1c5f3ab73ee8ded2a57f2
1755a645d41780a9e54ee1ad04a2b293d16d2a98e543f81835c3a66e3d58c3be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1755A645D41780A9E54EE1AD04A2B293D16D2A98E543F81835C3A66E3D58C3BE"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8252
Expires: Tue, 13 Dec 2022 00:24:15 GMT
Date: Mon, 12 Dec 2022 22:06:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2222
Expires: Mon, 12 Dec 2022 22:43:45 GMT
Date: Mon, 12 Dec 2022 22:06:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 21:33:43 GMT
content-type: application/json
age: 1980
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mNeKAmFtIhruR6sOXk321vde87DsAQ2908IMrUPt4yy04H3oW6G3+KsiVegYU27h2WjKTGWT+b4=
x-amz-request-id: DAVEKTE06BM4B3GF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 21:49:46 GMT
age: 1017
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:06:43 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 21:07:56 GMT
age: 3527
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
nappubg.vn/
103.57.221.31200 OK 9.9 kB IP 103.57.221.31:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1782), with CRLF line terminators
Hash a9695391c9457969b1bb9a711cba1f24
e5aef77c32ac29c332fd66e58c185965eb19c2fe
57dcaf4624fe27037406a4712f28a6fd71707853cd37f4f1681c1a755a14f03e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/7.2.34
Content-Type: text/html; charset=UTF-8
Content-Length: 9861
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee19f96e42a0eca99d00c8d91f977c35
3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9
6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5048
Cache-Control: max-age=131056
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:43 GMT
Etag: "6396ef2b-1d7"
Expires: Wed, 14 Dec 2022 10:30:59 GMT
Last-Modified: Mon, 12 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a33409f980e81b54f660035dd9c14cfb
8399645bbd14b6a968328c6552b837e3368948a3
9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-143348232-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-143348232-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash a813110da878a190b9552f90f7117c35
2754dca6b59fd23a36dea90732ad47dcb9170e3c
ba7704641e2c4cc4fdfc01bc885726057c32cbf911b6e0b9190310b5ac929162
GET /gtag/js?id=UA-143348232-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Dec 2022 22:06:43 GMT
expires: Mon, 12 Dec 2022 22:06:43 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43575
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a33409f980e81b54f660035dd9c14cfb
8399645bbd14b6a968328c6552b837e3368948a3
9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nappubg.vn/napcard.net/wp-content/themes/napcard/css/style.css
103.57.221.31200 OK 1.3 kB URL HTTP/1.1 nappubg.vn/napcard.net/wp-content/themes/napcard/css/style.css
IP 103.57.221.31:0
File type ASCII text, with very long lines (3863), with no line terminators
Hash 7fc3474a170c59503cf6501e8bdb60d5
3813a8db6c1a004dc00f090cd37b09ed83da8726
0e727fdd17962c4b6ca1de0d83875ba9cb405c985a55c243a4f3e1d2db666f41
GET /napcard.net/wp-content/themes/napcard/css/style.css HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1252
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DwV0f62n7VpMAU+xmC8O3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jm3NwDu2eEY0qaDidKOtBOuMUcg=
nappubg.vn/napcard.net/wp-includes/css/dist/block-library/style.minaaf9.css?ver=5.0.8
103.57.221.31200 OK 4.3 kB URL HTTP/1.1 nappubg.vn/napcard.net/wp-includes/css/dist/block-library/style.minaaf9.css?ver=5.0.8
IP 103.57.221.31:0
File type ASCII text, with very long lines (25658), with no line terminators
Hash 9fb1d05de92071499d8b590d6463f4d7
7e0d6c8141d2dd6567807bf0821f7a56125f7d20
c1c9918adfcb1ef263b239f484730426a79b7d8efd54830fa8781651d6cbeaf7
Analyzer Verdict Alert fortinet Phishing
GET /napcard.net/wp-includes/css/dist/block-library/style.minaaf9.css?ver=5.0.8 HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4297
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a8e9c506d97caf5f09f003683e8cbd55
598d81718106a8e0f7f237a8e53d61154683f155
8ffc4480924f3e7572eb45a58db35bafbf76803e3070ca8c0f4658203055a6d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165239
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:44 GMT
Etag: "6397886b-117"
Expires: Wed, 14 Dec 2022 20:00:43 GMT
Last-Modified: Mon, 12 Dec 2022 20:00:43 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a8e9c506d97caf5f09f003683e8cbd55
598d81718106a8e0f7f237a8e53d61154683f155
8ffc4480924f3e7572eb45a58db35bafbf76803e3070ca8c0f4658203055a6d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165239
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:44 GMT
Etag: "6397886b-117"
Expires: Wed, 14 Dec 2022 20:00:43 GMT
Last-Modified: Mon, 12 Dec 2022 20:00:43 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a8e9c506d97caf5f09f003683e8cbd55
598d81718106a8e0f7f237a8e53d61154683f155
8ffc4480924f3e7572eb45a58db35bafbf76803e3070ca8c0f4658203055a6d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=165239
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:44 GMT
Etag: "6397886b-117"
Expires: Wed, 14 Dec 2022 20:00:43 GMT
Last-Modified: Mon, 12 Dec 2022 20:00:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
nappubg.vn/napcard.net/wp-content/plugins/contact-form-7/includes/css/styles3c21.css?ver=5.1.1
103.57.221.31200 OK 657 B URL HTTP/1.1 nappubg.vn/napcard.net/wp-content/plugins/contact-form-7/includes/css/styles3c21.css?ver=5.1.1
IP 103.57.221.31:0
Hash 05693f8e3634eaa294f415f241b633b6
8136e661102dfe848f2ce6bf384b9aba8e2829cc
550c7691a7e68e174472d3b68b3b147e40cdfe90335e9cd441cffeece9f9dfc4
Analyzer Verdict Alert fortinet Phishing
GET /napcard.net/wp-content/plugins/contact-form-7/includes/css/styles3c21.css?ver=5.1.1 HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 657
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
nappubg.vn/napcard.net/wp-includes/js/jquery/jquery-migrate.min330a.js?ver=1.4.1
103.57.221.31200 OK 4.0 kB URL HTTP/1.1 nappubg.vn/napcard.net/wp-includes/js/jquery/jquery-migrate.min330a.js?ver=1.4.1
IP 103.57.221.31:0
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
Analyzer Verdict Alert fortinet Phishing
GET /napcard.net/wp-includes/js/jquery/jquery-migrate.min330a.js?ver=1.4.1 HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4034
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
nappubg.vn/napcard.net/wp-content/themes/napcard/css/bootstrap.min.css
103.57.221.31200 OK 20 kB URL HTTP/1.1 nappubg.vn/napcard.net/wp-content/themes/napcard/css/bootstrap.min.css
IP 103.57.221.31:0
File type ASCII text, with very long lines (65371)
Hash abedf3f01999e64872fc3dea530ab5f8
6b71f5b726a798899aa171cf6a9fe46ae1d09dce
faed839e716cbb6df682ab7a9d5bfe495e9baa43d3f2f3664849b64863ba34ea
GET /napcard.net/wp-content/themes/napcard/css/bootstrap.min.css HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: text/css
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 19739
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
nappubg.vn/images.dmca.com/Badges/DMCABadgeHelper.min.js
103.57.221.31200 OK 275 B URL HTTP/1.1 nappubg.vn/images.dmca.com/Badges/DMCABadgeHelper.min.js
IP 103.57.221.31:0
Hash 45b235fb87b19eb2f5be4363d7f1ac52
7491f288afba6f25eca00247be400e20d3914eb3
086f75c995c89b50bfa807b21044a82d240c75f7307ff724a5d1a488c85719a4
Analyzer Verdict Alert fortinet Phishing
GET /images.dmca.com/Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 275
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
nappubg.vn/napcard.net/wp-content/themes/napcard/js/bootstrap.min.js
103.57.221.31200 OK 9.9 kB URL HTTP/1.1 nappubg.vn/napcard.net/wp-content/themes/napcard/js/bootstrap.min.js
IP 103.57.221.31:0
File type ASCII text, with very long lines (32033)
Hash a5591ca0db4c540d440c2c1e4736a73a
7684281159a99bea723a81404244c92370d47f76
27f85fda2ee48e2a19d80c627f546450b35fcc3408dd2aedf548bb6d1e659b77
Analyzer Verdict Alert fortinet Phishing
GET /napcard.net/wp-content/themes/napcard/js/bootstrap.min.js HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 9930
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
nappubg.vn/napcard.net/wp-content/plugins/contact-form-7/includes/js/scripts3c21.js?ver=5.1.1
103.57.221.31200 OK 4.0 kB URL HTTP/1.1 nappubg.vn/napcard.net/wp-content/plugins/contact-form-7/includes/js/scripts3c21.js?ver=5.1.1
IP 103.57.221.31:0
Hash a975a254fbc49a0086a84e624d7f094c
04885e648587650d8782310a9e8056191dbe5411
5033a9e7cefd80eda6878d4fe33c7e3a59f2da9e06a7a74d44961a9d8de4ee20
GET /napcard.net/wp-content/plugins/contact-form-7/includes/js/scripts3c21.js?ver=5.1.1 HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3993
Date: Mon, 12 Dec 2022 22:06:44 GMT
Server: LiteSpeed
nappubg.vn/napcard.net/wp-includes/js/jquery/jqueryb8ff.js?ver=1.12.4
103.57.221.31200 OK 34 kB URL HTTP/1.1 nappubg.vn/napcard.net/wp-includes/js/jquery/jqueryb8ff.js?ver=1.12.4
IP 103.57.221.31:0
File type ASCII text, with very long lines (31997)
Hash 4cb886fab8df714a83d92f10c4d29e64
489b26aec0af8ee01d073fc9bc6e75ce115fd186
78498197a2c16bdb6f0b9ca944e06eed359c5d19871563d67b8f8fdae238e7df
Analyzer Verdict Alert fortinet Phishing
GET /napcard.net/wp-includes/js/jquery/jqueryb8ff.js?ver=1.12.4 HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:43 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 33838
Date: Mon, 12 Dec 2022 22:06:43 GMT
Server: LiteSpeed
nappubg.vn/ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
103.57.221.31200 OK 3.8 kB URL HTTP/1.1 nappubg.vn/ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
IP 103.57.221.31:0
File type ASCII text, with very long lines (12020)
Hash beadac1dfc73b991f30952dcf0359b13
bddace500e2de81ff6b95e861b6b320f5049b794
ed434044716fef7ba73efecd712d4018608f804c541ff99e6288f48c824ab5a9
Analyzer Verdict Alert fortinet Phishing
GET /ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3753
Date: Mon, 12 Dec 2022 22:06:44 GMT
Server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb63667d79da37d86ec2743a821f12c7
f1106039dbaa7f7d4ca888d0cd22649753ce7005
384b4f56f9cb53f169f09ad9bef1bf317d26c9050c44f5957508d969eeae889b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/EWfFRnzIHRs/maxresdefault.jpg
142.250.74.22200 OK 88 kB URL HTTP/2 i.ytimg.com/vi/EWfFRnzIHRs/maxresdefault.jpg
IP 142.250.74.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 75f8322aa27c57927336421bf9b12f8e
9bd93ec7b33dc3c60455b1797332ccc4df99a670
5c0c4ddc6519703f4b933b8e37ddaffa1da16f333f37b04a0fa5e26b80887b6f
GET /vi/EWfFRnzIHRs/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 87911
date: Mon, 12 Dec 2022 22:06:44 GMT
expires: Tue, 13 Dec 2022 00:06:44 GMT
cache-control: public, max-age=7200
etag: "1551670865"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb63667d79da37d86ec2743a821f12c7
f1106039dbaa7f7d4ca888d0cd22649753ce7005
384b4f56f9cb53f169f09ad9bef1bf317d26c9050c44f5957508d969eeae889b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nappubg.vn/images.dmca.com/Badges/dmca_protected_sml_120m3a7a.png?ID=85f5b4c4-755a-481a-a50d-eff3d7703d5f
103.57.221.31200 OK 2.2 kB URL HTTP/1.1 nappubg.vn/images.dmca.com/Badges/dmca_protected_sml_120m3a7a.png?ID=85f5b4c4-755a-481a-a50d-eff3d7703d5f
IP 103.57.221.31:0
File type PNG image data, 121 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b6c626298d2bc133121172b17e8ac5cf
7e0d59debd84381b1c5a64136e6ef4c4f24034cc
075535cca15623d527f533d7a54e63ed6f4443eb7113d850447b959569fbc6b3
GET /images.dmca.com/Badges/dmca_protected_sml_120m3a7a.png?ID=85f5b4c4-755a-481a-a50d-eff3d7703d5f HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=2629000, public
Expires: Mon, 19 Dec 2022 22:06:44 GMT
Content-Type: image/png
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Length: 2152
Date: Mon, 12 Dec 2022 22:06:44 GMT
Server: LiteSpeed
nappubg.vn/ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
103.57.221.31200 OK 34 kB URL HTTP/1.1 nappubg.vn/ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 103.57.221.31:0
File type ASCII text, with very long lines (32077)
Hash 83e595b6e9ab09ae9524f1c197543380
39e30a4bd3922ca6130a88ac7074ffe6878e70b5
6cebe0187fd6494c9c4f593fa12f071ecf42b93510307341a3afec552f828540
Analyzer Verdict Alert fortinet Phishing
GET /ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 33840
Date: Mon, 12 Dec 2022 22:06:44 GMT
Server: LiteSpeed
nappubg.vn/napcard.net/wp-content/uploads/2018/12/img_form%402x.png
103.57.221.31200 OK 277 B URL HTTP/1.1 nappubg.vn/napcard.net/wp-content/uploads/2018/12/img_form%402x.png
IP 103.57.221.31:0
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced\012- data
Hash 82eb10caafcb8e2a35f5b5e2f13514e4
a5b926dc4e9f7b30decee4f99e9a5a75a2648e06
9a5cb6d7a86986a22a6bc015a8841dd67fd7430fc0eb8ab5cbf3a7815a5d95a5
GET /napcard.net/wp-content/uploads/2018/12/img_form%402x.png HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/napcard.net/wp-content/themes/napcard/css/style.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=2629000, public
Expires: Mon, 19 Dec 2022 22:06:44 GMT
Content-Type: image/png
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Length: 277
Date: Mon, 12 Dec 2022 22:06:44 GMT
Server: LiteSpeed
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Tue, 13 Dec 2022 00:54:14 GMT
Date: Mon, 12 Dec 2022 22:06:45 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Tue, 13 Dec 2022 00:54:14 GMT
Date: Mon, 12 Dec 2022 22:06:45 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7a3e13e78f90788c56a93f7ffd9be884
bb6e2205661434f2eb8964f59b8f0d950c11ba0d
48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10049
Expires: Tue, 13 Dec 2022 00:54:14 GMT
Date: Mon, 12 Dec 2022 22:06:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP 34.120.237.76:0
Hash 4f794e60c6d26fd444893f19274c64ca
522509749353b4a1d32f235f194001394742eb6f
1fc3754ea76c698ef2e3c11217d50c13312c59fe264b29473a3c73b840a4fcec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KkltHSO_YnfExbgR5cg199uOPnKy62zoMPwFfktRCpu03ImoFNMAIw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:37:58 GMT
age: 84527
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J2FSKW1AHhnyu2NBJDcqib3iVsOk745-dgnNgmk6T-QKcg-z5He7qw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 09:24:15 GMT
age: 45750
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UU3eyJXDqth6F65_913HL9lqA3qZHfGExAV89BRzHpQho5wZbQRTmw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:52:33 GMT
age: 852
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2pga97qYwh0G0tlQvRwkVvA3Xm9yynDBhOATBNKLFk1IxG5PBgv4fw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:58:39 GMT
age: 486
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SBYH2ZqOyZx6tB8u3g3dkimaCUGSWAMQhULpYs4gWrmZ6i3_1Br_zQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:57:42 GMT
age: 543
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vPiqEPzdYtVSdb8l3Gz5f1X2tMjYuPdtLfxgiicjQRygN6SU5CrWMg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:59:56 GMT
age: 409
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nappubg.vn/files/js/bootstrap.min.js
103.57.221.31200 OK 9.9 kB URL HTTP/1.1 nappubg.vn/files/js/bootstrap.min.js
IP 103.57.221.31:0
File type ASCII text, with very long lines (32033)
Hash e66d1cadef9709b7e1177fa2bad57689
803a0026f5687b488fd80e99268a8ec6aebbd487
7ee290583814a684905461e9338a94be5b0ef39de9cf4cddd995e5d3b3805fc9
Analyzer Verdict Alert fortinet Phishing
GET /files/js/bootstrap.min.js HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:44 GMT
Content-Type: application/javascript
Last-Modified: Tue, 24 Mar 2020 13:35:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 9860
Date: Mon, 12 Dec 2022 22:06:44 GMT
Server: LiteSpeed
nappubg.vn/files/js/custom.js
103.57.221.31200 OK 887 B URL HTTP/1.1 nappubg.vn/files/js/custom.js
IP 103.57.221.31:0
Hash 57c8ac8f76e2ec239065c22c8c213e87
b89830e993cb5ab69919db8bdaa233dcc09b2ab8
58e63a449268867a1d688b91ceb8d132dcb09a9e9f5d099e877760396bd71d4f
Analyzer Verdict Alert fortinet Phishing
GET /files/js/custom.js HTTP/1.1
Host: nappubg.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nappubg.vn/
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: max-age=3600, public
Expires: Mon, 19 Dec 2022 22:06:44 GMT
Content-Type: application/javascript
Last-Modified: Sat, 19 Nov 2022 08:47:59 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 887
Date: Mon, 12 Dec 2022 22:06:44 GMT
Server: LiteSpeed
napcard.net/wp-includes/js/wp-emoji-release.min.js?ver=5.0.8
163.44.194.225200 OK 19 kB URL HTTP/1.1 napcard.net/wp-includes/js/wp-emoji-release.min.js?ver=5.0.8
IP 163.44.194.225:0
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.0.8 HTTP/1.1
Host: napcard.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 22:06:45 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 02:10:30 GMT
ETag: "48b9-5dfcc93de111a"
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
s.w.org/images/core/emoji/11/svg/1f48e.svg
192.0.77.48200 OK 301 B URL HTTP/2 s.w.org/images/core/emoji/11/svg/1f48e.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (301), with no line terminators
Hash 5a8d9af8b5b3922097b2cccfce844630
6ac2f699a69f5be83bd5fc7e80d57c979e35d501
6e7a1458d222e42798409e0e827860aa1cdff49188b5fd8bb249eae14d38e532
GET /images/core/emoji/11/svg/1f48e.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 22:06:45 GMT
content-type: image/svg+xml
content-length: 301
last-modified: Fri, 08 Jun 2018 13:09:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 12 Dec 2022 20:41:08 GMT
expires: Mon, 12 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 5137
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=133907200&t=pageview&_s=1&dl=http%3A%2F%2Fnappubg.vn%2F&ul=en-us&de=UTF-8&dt=N%E1%BA%A1p%20Th%E1%BA%BB%20Pubg%20Mobile%20b%E1%BA%B1ng%20th%E1%BA%BB%20c%C3%A0o%20nh%E1%BA%ADn%20500%25%20UC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=2034029128&gjid=1876122894&cid=441531901.1670882804&tid=UA-143348232-1&_gid=761584685.1670882804&_r=1>m=2oubu0&z=1523946332
142.250.74.110200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=133907200&t=pageview&_s=1&dl=http%3A%2F%2Fnappubg.vn%2F&ul=en-us&de=UTF-8&dt=N%E1%BA%A1p%20Th%E1%BA%BB%20Pubg%20Mobile%20b%E1%BA%B1ng%20th%E1%BA%BB%20c%C3%A0o%20nh%E1%BA%ADn%20500%25%20UC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=2034029128&gjid=1876122894&cid=441531901.1670882804&tid=UA-143348232-1&_gid=761584685.1670882804&_r=1>m=2oubu0&z=1523946332
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j98&a=133907200&t=pageview&_s=1&dl=http%3A%2F%2Fnappubg.vn%2F&ul=en-us&de=UTF-8&dt=N%E1%BA%A1p%20Th%E1%BA%BB%20Pubg%20Mobile%20b%E1%BA%B1ng%20th%E1%BA%BB%20c%C3%A0o%20nh%E1%BA%ADn%20500%25%20UC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=2034029128&gjid=1876122894&cid=441531901.1670882804&tid=UA-143348232-1&_gid=761584685.1670882804&_r=1>m=2oubu0&z=1523946332 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://nappubg.vn
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://nappubg.vn
date: Mon, 12 Dec 2022 22:06:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.pinimg.com/originals/f0/62/a3/f062a3f214b208dd4eac506542f91422.png
151.101.84.84200 OK 158 kB URL HTTP/2 i.pinimg.com/originals/f0/62/a3/f062a3f214b208dd4eac506542f91422.png
IP 151.101.84.84:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 158 kB (157984 bytes)
Hash ad501fc86ae7d8255fee07de20e67261
b685cae53f62f79d74cc8003b99bed96244cce84
7c34246a3cf71414680a0a388b881a74fb12efec9d0f37949a9de22faf077cef
GET /originals/f0/62/a3/f062a3f214b208dd4eac506542f91422.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "ad501fc86ae7d8255fee07de20e67261"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 12 Dec 2022 22:06:45 GMT
content-length: 157984
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f0d7ee67d09f0202f92d59bd58470981
6aa9f9aa9cb30facc78bf4d8f92321a2eaec499c
32b15d14b7aac95f896e8ec2bbd89ef3d97fb66c3170c6950ea993dc780850d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1441
Cache-Control: max-age=101901
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:45 GMT
Etag: "63968b61-1d7"
Expires: Wed, 14 Dec 2022 02:25:06 GMT
Last-Modified: Mon, 12 Dec 2022 02:01:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c797045ce2453615ff57e1749364ccd
30192a4c14e94cdb789832ead604861432296e2e
96867aa0b5bea168df793e580b71dcf005c1afb5786780230b8aadfc4bf6648c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&gjid=1876122894&_gid=761584685.1670882804&_u=YEBAAUAAAAAAACAAI~&z=280288317
64.233.165.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&gjid=1876122894&_gid=761584685.1670882804&_u=YEBAAUAAAAAAACAAI~&z=280288317
IP 64.233.165.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&gjid=1876122894&_gid=761584685.1670882804&_u=YEBAAUAAAAAAACAAI~&z=280288317 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://nappubg.vn
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://nappubg.vn
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Dec 2022 22:06:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c797045ce2453615ff57e1749364ccd
30192a4c14e94cdb789832ead604861432296e2e
96867aa0b5bea168df793e580b71dcf005c1afb5786780230b8aadfc4bf6648c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash be36fdcbab5a82c4711b6eb21d16120b
4589a6e36d78df3d385043a6041da679f0b366e4
423e6b90363e7b036ae2270c3dbc280d6a3621c721b1b92aefb377fed560d227
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b14162cab0131ca3a7e7c1c6d72c77f3
87a1ae365bc2a459c323770eb9632d28649b2b1b
759526e8274b5fa52e1a46496e286cc04466a27c41a8f20de6aee1b756feb87c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&_u=YEBAAUAAAAAAACAAI~&z=422152638
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&_u=YEBAAUAAAAAAACAAI~&z=422152638
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&_u=YEBAAUAAAAAAACAAI~&z=422152638 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 22:06:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&_u=YEBAAUAAAAAAACAAI~&z=422152638
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&_u=YEBAAUAAAAAAACAAI~&z=422152638
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-143348232-1&cid=441531901.1670882804&jid=2034029128&_u=YEBAAUAAAAAAACAAI~&z=422152638 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 22:06:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash be36fdcbab5a82c4711b6eb21d16120b
4589a6e36d78df3d385043a6041da679f0b366e4
423e6b90363e7b036ae2270c3dbc280d6a3621c721b1b92aefb377fed560d227
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a41c1c2a6aad29835a33369555bbe359
4e104748d3d8c3237d58e03b6f7493fcc9182142
a0495e2ab6ed55134a4bf56eb85252977c6978eb965b14724d47e3c979f25ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 22:06:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
napcard.net/wp-content/uploads/2019/06/na%CC%A3p-pubg-mobile.gif
163.44.194.225200 OK 1.0 MB URL HTTP/1.1 napcard.net/wp-content/uploads/2019/06/na%CC%A3p-pubg-mobile.gif
IP 163.44.194.225:0
ASN #131392 GMO-Z.com Runsystem Joint Stock Company
File type GIF image data, version 89a, 903 x 882\012- data
Size 1.0 MB (1037909 bytes)
Hash 99f3428a67ab3bb4eeae01972e37d1f5
6bbda56d4511fa3b65d676bfd24a425a41e381dd
40421942f999225d941c439a7737b72b5b649a958aa4e9f232c8cd7bd116b698
GET /wp-content/uploads/2019/06/na%CC%A3p-pubg-mobile.gif HTTP/1.1
Host: napcard.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 22:06:45 GMT
Server: Apache
Last-Modified: Sun, 02 Jun 2019 12:04:21 GMT
ETag: "fd655-58a560c4e0e94"
Accept-Ranges: bytes
Content-Length: 1037909
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d5e5918cf53c569d6674e598228246
241a28d882355e06b0a2428c931f9d72dd5c6c53
2ebf30d1844d23a2b7516b900b1aa4473e5c042b0e0ecb2c39675d4b4bc7910e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5452
x-amzn-requestid: eb6aca44-e834-4123-b191-eb3f007bf7b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6OCrGM-IAMFnxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393f6dd-71fee2de2dd69c7d1d4d32fe;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 03:02:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2dzTL44JHLjIbSIFDFPwmOcNMq9-lZF4YvsBimPz3YD1c4xQF2tUCA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 03:38:01 GMT
age: 66531
etag: "241a28d882355e06b0a2428c931f9d72dd5c6c53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.upsieutoc.com/images/2020/03/25/111-1.jpg
104.21.235.42404 Not Found 0 B URL HTTP/2 www.upsieutoc.com/images/2020/03/25/111-1.jpg
IP 104.21.235.42:0
GET /images/2020/03/25/111-1.jpg HTTP/1.1
Host: www.upsieutoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Mon, 12 Dec 2022 22:06:44 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=432000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eM5%2F3ntXHWqUHralwBlQns4AfkbtoX5QRs11Wv30LOR%2Fm%2B7hjugBphYF4fu1QufvzSo4NnOGcbcFx11VofAWyFe15e6fHPGVq0eXxP1ror4%2FA5N8CbSVwJFDiRqmvua7CXZ7cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789c4d699e8dd81-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.upsieutoc.com/images/2020/03/25/screenshot_1585126873.png
104.21.235.42404 Not Found 0 B URL HTTP/2 www.upsieutoc.com/images/2020/03/25/screenshot_1585126873.png
IP 104.21.235.42:0
GET /images/2020/03/25/screenshot_1585126873.png HTTP/1.1
Host: www.upsieutoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Mon, 12 Dec 2022 22:06:44 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=432000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oj431t51NrXlgy51U0CxmjYBb9stVU9q%2BoMDD8T9n75IRdNE4wGod0r%2B2iAb3Hk18tO8%2B5NZlzjdsbci%2F4DU%2FMeVcZh9Z4UxQR3VoRaOX6UXFJLRLhMcYR0Zf4jf8SrhzINaSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789c4d699e7dd81-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.upsieutoc.com/images/2020/03/25/nappubg.vn.png
104.21.235.42404 Not Found 0 B URL HTTP/2 www.upsieutoc.com/images/2020/03/25/nappubg.vn.png
IP 104.21.235.42:0
GET /images/2020/03/25/nappubg.vn.png HTTP/1.1
Host: www.upsieutoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nappubg.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Mon, 12 Dec 2022 22:06:44 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=432000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2B4VgVi4DbJIkkzCG3DZMVot7gmmBfepiLMXLxCWMYFRrn%2BIREX%2BtI2SHhvqXFIEx84yAd2eV51J%2FN%2BFpWeMXaxmO1zHGcC%2FAYdEWsKCeu5qU8FhCyeUQdmKvivGSfo%2FpjNnpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7789c4d699e3dd81-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2