r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20181
Expires: Thu, 08 Dec 2022 14:05:25 GMT
Date: Thu, 08 Dec 2022 08:29:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Thu, 08 Dec 2022 10:59:37 GMT
Date: Thu, 08 Dec 2022 08:29:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6626
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 08:29:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 08:08:11 GMT
content-type: application/json
age: 1253
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jTa091aZZfGmfBRs3BI/b8UQCtJX8Z5xxCrsq4n9R9WRc+uWVfQzoOfGyD9ZHbTYkItniheV6kA=
x-amz-request-id: 3QY9HARQ102BXP2M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 07:47:50 GMT
age: 2474
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cpy.co.th/
150.95.29.64200 OK 4.1 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (970)
Hash db3a1804c523daa0b4ac5dc9b2907dd8
e0b5a77f149f86c970f105a00f076266b8a82630
325a3a85878325c85614b82d597af6b02655c6e6669b4b54380d3e024fe03d8e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 29 Jan 2022 22:16:56 GMT
Accept-Ranges: bytes
ETag: "07c3ed5d15d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:04 GMT
Content-Length: 4076
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:29:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3872.619922549354!2d100.58527294987596!3d13.921651990189762!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x30e2824555555531%3A0x32b8a813533c23a6!2z4Lia4Lij4Li04Lip4Lix4LiXIOC5gOC4iOC5ieC4suC4nuC4o-C4sOC4ouC4siDguYDguK3guYDguKXguYDguKfguYDguJXguK3guKPguYwg4LiI4Liz4LiB4Lix4LiU!5e0!3m2!1sen!2sth!4v1503931316275
216.58.211.4200 OK 1.6 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3872.619922549354!2d100.58527294987596!3d13.921651990189762!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x30e2824555555531%3A0x32b8a813533c23a6!2z4Lia4Lij4Li04Lip4Lix4LiXIOC5gOC4iOC5ieC4suC4nuC4o-C4sOC4ouC4siDguYDguK3guYDguKXguYDguKfguYDguJXguK3guKPguYwg4LiI4Liz4LiB4Lix4LiU!5e0!3m2!1sen!2sth!4v1503931316275
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3493)
Hash 05614fb561da4fece22326c98acf6bcb
c2dafddbddbdb6a8bd3fdef0928b990bb4398745
e7c991f6a9829933d31395551d16ae21222b1e4f10a46d9adabdd0e2a8b051d4
GET /maps/embed?pb=!1m18!1m12!1m3!1d3872.619922549354!2d100.58527294987596!3d13.921651990189762!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x30e2824555555531%3A0x32b8a813533c23a6!2z4Lia4Lij4Li04Lip4Lix4LiXIOC5gOC4iOC5ieC4suC4nuC4o-C4sOC4ouC4siDguYDguK3guYDguKXguYDguKfguYDguJXguK3guKPguYwg4LiI4Liz4LiB4Lix4LiU!5e0!3m2!1sen!2sth!4v1503931316275 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cpy.co.th/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 08:29:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-YNUs2_D6YNarEFulIV27Kw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1566
x-xss-protection: 0
server-timing: gfet4t7; dur=152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cpy.co.th/css/nivo-lightbox.css
150.95.29.64200 OK 5.9 kB URL HTTP/1.1 cpy.co.th/css/nivo-lightbox.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash d711771f2996c95346d28e580bbbef19
1a0f5eeb751838df3bca31f7e64ebb81e18c25fc
2fef9d9d2660e110c41e821e2f0f61ee85beea7cbfbac99c332fa86f75779561
GET /css/nivo-lightbox.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "6312f6ed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 5906
cpy.co.th/css/nivo_themes/default/default.css
150.95.29.64200 OK 3.0 kB URL HTTP/1.1 cpy.co.th/css/nivo_themes/default/default.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash acb3a483d52368a202dbd381cf3bc0f9
4137030360fe086f9e492521d0a642be81bc568f
2eb1b08f89a7302734b17943b715c1e169c1afaf7be352569ef17463a5d4f017
GET /css/nivo_themes/default/default.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "ff9bffed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 3008
cpy.co.th/css/animate.min.css
150.95.29.64200 OK 47 kB URL HTTP/1.1 cpy.co.th/css/animate.min.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (45426), with CRLF line terminators
Hash 50bd490b6cc99bf576f8eb8e47ea3a42
4d21806b8bd6a19b0003802cb5fc5d5d6829c99d
8b2d991f4c070d7e1b86562bc2e7fe153464ffa5ce9d7fba29728a34772869f6
GET /css/animate.min.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "e5edeeed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:04 GMT
Content-Length: 46587
cpy.co.th/css/style.css
150.95.29.64200 OK 12 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 2e4c61e53c348c2a10c5dcba9f1e45fa
5a9eb0d10a9fffe445663018449db43aeee693a6
80b13bca3905db2681515abb939138f4867bb14e226b678e0ae308026d22f7a5
GET /css/style.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "6312f6ed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 11642
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 08:07:58 GMT
age: 1267
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cpy.co.th/css/font-awesome.min.css
150.95.29.64200 OK 27 kB URL HTTP/1.1 cpy.co.th/css/font-awesome.min.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (26548), with CRLF line terminators
Hash 1587f8872e13fa1dbe7f3535f684774f
4c2c5f5f6cc86d775a44b944661e038b7be98149
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
GET /css/font-awesome.min.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "79b0f3ed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 26715
cpy.co.th/js/jquery.parallax.js
150.95.29.64200 OK 1.9 kB URL HTTP/1.1 cpy.co.th/js/jquery.parallax.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 410bf27405e60b97df3f02bdfc83bfbd
779cf65a01c7a093e01620918b1a80f0b9d8aa76
114c26e9b0108ffd803a3742cb5e9eb507641730ed4df9c911a46c3d58669d4b
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.parallax.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "6131d6ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 1899
cpy.co.th/js/smoothscroll.js
150.95.29.64200 OK 4.5 kB URL HTTP/1.1 cpy.co.th/js/smoothscroll.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (2272), with CRLF line terminators
Hash 0ccfabec16a2d85465912b7efa283266
fca372ccf31344376a9de0c752105662cbd41951
97e85150d0aaf78199af82a0b795806a71259b2eaa99b96a7bdf6c391c8b62d3
Analyzer Verdict Alert fortinet Phishing
GET /js/smoothscroll.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "2eb9dfee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 4451
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6425
Cache-Control: max-age=95090
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:05 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:53:55 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
cpy.co.th/js/nivo-lightbox.min.js
150.95.29.64200 OK 6.8 kB URL HTTP/1.1 cpy.co.th/js/nivo-lightbox.min.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (6569), with CRLF line terminators
Hash 56a1dcf1a4298ebc6674c236326d680d
d559570325320462063f52d79ac89c6932bd99a9
2ef334527e857602c846d55b02c677481ec9606d2344be33d501a165d6ae0800
Analyzer Verdict Alert fortinet Phishing
GET /js/nivo-lightbox.min.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "6131d6ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 6784
cpy.co.th/css/bootstrap.min.css
150.95.29.64200 OK 122 kB URL HTTP/1.1 cpy.co.th/css/bootstrap.min.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 122 kB (122544 bytes)
Hash 3e53c6843a02b42ed881307d0c17af7d
f2cd0488a33734345987059e7c183ba88dd4c213
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
GET /css/bootstrap.min.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "e5edeeed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:04 GMT
Content-Length: 122544
cpy.co.th/js/bootstrap.min.js
150.95.29.64200 OK 37 kB URL HTTP/1.1 cpy.co.th/js/bootstrap.min.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash e7d9a06cf9053c51cd4ad3386da0659a
e45bf1054704a1fdfc4ee2713a16bf9283dea995
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:58 GMT
Accept-Ranges: bytes
ETag: "ad81c5ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 36822
cpy.co.th/js/wow.min.js
150.95.29.64200 OK 7.1 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (7052), with CRLF line terminators
Hash b97943d1aa290cf30b0a46f5d450f640
6e686e8163cbffe4b3db652a9075c1b3da51f56e
e32f86f81b06f177e78439f588a7a57382819e6ef19d6b2235748a6b4e98f218
Analyzer Verdict Alert fortinet Phishing
GET /js/wow.min.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "2eb9dfee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 7083
cpy.co.th/js/custom.js
150.95.29.64200 OK 880 B IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 096e2a240d5ca7514f11b6020605b635
0976781fbffc031884a8632a45492505d76347f2
cc4b72ea2bed5c4e9bc9c79d5ea0165e39c482d0a51f685a00ce7c616ea46f12
Analyzer Verdict Alert fortinet Phishing
GET /js/custom.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:58 GMT
Accept-Ranges: bytes
ETag: "ad81c5ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 880
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cpy.co.th
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:08 GMT
expires: Thu, 07 Dec 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 46498
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cpy.co.th
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 14:07:32 GMT
expires: Thu, 07 Dec 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 66094
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.38.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QY0nj1V+zkfLhf2qtLbTiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vfyXGDMkbZfhd3SbEa+2YLohV/s=
cpy.co.th/js/jquery.js
150.95.29.64200 OK 96 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (32086), with CRLF line terminators
Hash 4dc834d16a0d219d5c2b8a5b814569e4
4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "c06ad1ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 95790
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cpy.co.th/images/logo.png
150.95.29.64200 OK 32 kB URL HTTP/1.1 cpy.co.th/images/logo.png
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type PNG image data, 323 x 146, 8-bit/color RGBA, non-interlaced\012- data
Hash cfef29c3a5da8f0bdcbcaed89dcdbae1
479eddad5578b7d7f836b9fed0040e001ffdb5f6
bbb0136f97bbd08b968fe30b421a8d6d8574be1f1cb38173fee9bbbf037a63af
GET /images/logo.png HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "30e82cee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 32013
maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
142.250.74.99200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2669)
Hash 670da89542ecf04a8bbff2049748654f
2fcd2c31427edfd9b3180e233a009677b0d88973
d1bdcacb4973ce7c60a0f59144bf6fb699eea4fc016ca1780cdf61dbd9efb3bc
GET /maps-api-v3/embed/js/51/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69327
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:12:25 GMT
expires: Thu, 07 Dec 2023 20:12:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
content-type: text/javascript
age: 44201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cpy.co.th/fonts/fontawesome-webfont.woff2?v=4.4.0
150.95.29.64200 OK 64 kB URL HTTP/1.1 cpy.co.th/fonts/fontawesome-webfont.woff2?v=4.4.0
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cpy.co.th/css/font-awesome.min.css
HTTP/1.1 200 OK
Content-Type: font/x-woff2
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "fe371cee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 64464
cpy.co.th/images/footer-bg.jpg
150.95.29.64200 OK 276 kB URL HTTP/1.1 cpy.co.th/images/footer-bg.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2017:05:07 12:33:51], baseline, precision 8, 1200x801, components 3\012- data
Size 276 kB (275685 bytes)
Hash 73962d8cd9af28e7ac0134b2dbd0f02a
3a379ce3f6b751f6b50def3c58cd958568dbcc24
9ca8d12b5533e926c6c4885c02e128cd01dd5a63ff4f3d551b366f31df4593ac
GET /images/footer-bg.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "b7c125ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:06 GMT
Content-Length: 275685
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7322
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 08:29:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7322
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 08:29:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7322
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 08:29:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:11:17 GMT
age: 73070
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:24:13 GMT
age: 36294
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bdf4703f3372054a7aadce1cb0e11bd0
84d060f66accd412503d52c385ee47cb35795c07
c5853b653ee328e567e2456be12450e04c1704ed64fb6234f008532e4b6c8363
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3744
x-amzn-requestid: 73eab74b-e50c-46d1-adde-3ef85fb772f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlj7FDiIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb618-70ffb1925e3a9ef6081d1cd1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mNqZM4645fF2zaqXJgT68q_xIbg2tvE1KaqK1P2LzC307rl4OTZ33Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:58:04 GMT
age: 37863
etag: "84d060f66accd412503d52c385ee47cb35795c07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 32015
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MWB80hrfUMDjexNsySVGMXtm6Wva4t1gkJXaesFKRaGSkFS1r1zIrw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
age: 36943
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cbd333b74ebe10e77c1bdf1fec0269
bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8
7c868974824cef2f1a08c4500d10490fbaa8515984391b822c70a5009ad8c225
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 79861560-2468-4c0a-afd8-800d1e6d6814
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4A5EbzIAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d2-0b1efe0b006b8b0b2f69870b;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OInz4Evmbh2Z4PL2ogGsw6iOF9I-u-KhBhAsHHiA46CuHcqHo2Z34A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:07 GMT
age: 36960
etag: "bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cpy.co.th/favicon.ico
150.95.29.64404 Not Found 13 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11800), with CRLF line terminators
Hash 65c24930559e15f03415300adbf7285c
4829992d93a203c4aa196e98fcb9fb0a7d4f9e83
3273fbc5b0b3f10fa0e78ac5de8c397606fae0068583b671c8c695f71f2446e4
GET /favicon.ico HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:07 GMT
Content-Length: 12579
cpy.co.th/images/charoensin-img1.jpg
150.95.29.64200 OK 538 kB URL HTTP/1.1 cpy.co.th/images/charoensin-img1.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2017:05:07 16:24:22], progressive, precision 8, 934x1158, components 3\012- data
Size 538 kB (538282 bytes)
Hash cd97583360e111b3b93e7178bbe41b37
b041f2516c12a8beff7e0d800fbc7628ffe217a5
0f13939d9c8eb30134bc125a020c26c5b17323dac9890d0e8c5eb26b9a6a029a
GET /images/charoensin-img1.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "545f23ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 538282
cpy.co.th/images/kata-img1.JPG
150.95.29.64200 OK 493 kB URL HTTP/1.1 cpy.co.th/images/kata-img1.JPG
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=1280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], progressive, precision 8, 926x1158, components 3\012- data
Size 493 kB (492954 bytes)
Hash f3d266b618a3888e77f8c9d5b58c1d9b
0781d9babe97dbeecad1f729af9a3cff117dc0f8
7d88636256771a4dc5e9a0140c274ce3dfaf751f955cfb4a0aa8bc97d09655b5
Analyzer Verdict Alert fortinet Phishing
GET /images/kata-img1.JPG HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "48862aee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 492954
cpy.co.th/images/hl-phuket-img1.jpg
150.95.29.64200 OK 692 kB URL HTTP/1.1 cpy.co.th/images/hl-phuket-img1.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2017:05:07 16:10:46], progressive, precision 8, 934x1158, components 3\012- data
Size 692 kB (691791 bytes)
Hash 1de3ea2bc4d1591edf0b33727bcdd63d
a6a52b6c13be1323dc12c9b050d4f1c1f7c2921b
fe1319b69849970cef04632fab4fce97d7e07c6ca0e7a049d556fd72d0e7c7c1
GET /images/hl-phuket-img1.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "b7c125ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 691791
fonts.googleapis.com/css?family=Roboto:400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500
IP 142.250.74.106:0
GET /css?family=Roboto:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cpy.co.th/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 08:29:05 GMT
date: Thu, 08 Dec 2022 08:29:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cpy.co.th/images/product-img1.jpg
150.95.29.64200 OK 0 B URL HTTP/1.1 cpy.co.th/images/product-img1.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
GET /images/product-img1.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "89f34ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 1916769
cpy.co.th/images/home-bg.jpg
150.95.29.64200 OK 0 B URL HTTP/1.1 cpy.co.th/images/home-bg.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
GET /images/home-bg.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "30e82cee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 08 Dec 2022 08:29:05 GMT
Content-Length: 4749169