r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7554
Expires: Thu, 02 Feb 2023 10:34:54 GMT
Date: Thu, 02 Feb 2023 08:29:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8203
Expires: Thu, 02 Feb 2023 10:45:43 GMT
Date: Thu, 02 Feb 2023 08:29:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13147
Expires: Thu, 02 Feb 2023 12:08:07 GMT
Date: Thu, 02 Feb 2023 08:29:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 07:36:04 GMT
content-type: application/json
age: 3176
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ybVQ0I5lwLQeRupZsU9mlkj/VP/tZiSA68J/iKOPZfSC/L5pqScIboEm8noVBuGV8N9peMeYAdg=
x-amz-request-id: R6TKD96AFBDPRA1G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 08:23:01 GMT
age: 359
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 08:29:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cpy.co.th/
150.95.29.64200 OK 4.1 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (970)
Hash db3a1804c523daa0b4ac5dc9b2907dd8
e0b5a77f149f86c970f105a00f076266b8a82630
325a3a85878325c85614b82d597af6b02655c6e6669b4b54380d3e024fe03d8e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sat, 29 Jan 2022 22:16:56 GMT
Accept-Ranges: bytes
ETag: "07c3ed5d15d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:00 GMT
Content-Length: 4076
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400,500
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500
IP 142.250.74.106:0
Hash 5e9cf8e5841b0e580994531a3851c4b4
9abfaf982bf9a5cc187dfba1eb3df7c17b93605a
9cb36fcce624f16e7b7f8ffb51baffed854533d865958eb1e07aa1b3b0a8f374
GET /css?family=Roboto:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cpy.co.th/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 08:29:00 GMT
date: Thu, 02 Feb 2023 08:29:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 07:49:05 GMT
age: 2396
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3872.619922549354!2d100.58527294987596!3d13.921651990189762!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x30e2824555555531%3A0x32b8a813533c23a6!2z4Lia4Lij4Li04Lip4Lix4LiXIOC5gOC4iOC5ieC4suC4nuC4o-C4sOC4ouC4siDguYDguK3guYDguKXguYDguKfguYDguJXguK3guKPguYwg4LiI4Liz4LiB4Lix4LiU!5e0!3m2!1sen!2sth!4v1503931316275
216.58.207.228200 OK 1.5 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3872.619922549354!2d100.58527294987596!3d13.921651990189762!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x30e2824555555531%3A0x32b8a813533c23a6!2z4Lia4Lij4Li04Lip4Lix4LiXIOC5gOC4iOC5ieC4suC4nuC4o-C4sOC4ouC4siDguYDguK3guYDguKXguYDguKfguYDguJXguK3guKPguYwg4LiI4Liz4LiB4Lix4LiU!5e0!3m2!1sen!2sth!4v1503931316275
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3287)
Hash c068bd7bfa9427d94ae5f004370e0d70
f430de1cb3dba965320ea48c8fbf19c5182c0298
3f2221fa71b42d48826ab55d8fd6706284c4356f550f7d46220d6f4420b81771
GET /maps/embed?pb=!1m18!1m12!1m3!1d3872.619922549354!2d100.58527294987596!3d13.921651990189762!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x30e2824555555531%3A0x32b8a813533c23a6!2z4Lia4Lij4Li04Lip4Lix4LiXIOC5gOC4iOC5ieC4suC4nuC4o-C4sOC4ouC4siDguYDguK3guYDguKXguYDguKfguYDguJXguK3guKPguYwg4LiI4Liz4LiB4Lix4LiU!5e0!3m2!1sen!2sth!4v1503931316275 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cpy.co.th/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gdFYz4V2fSlSwWPCgX0YBA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
pragma: no-cache
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
vary: Accept-Language, Origin, X-Origin, Referer
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Thu, 02 Feb 2023 08:29:01 GMT
server: scaffolding on HTTPServer2
content-length: 1503
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cpy.co.th/css/animate.min.css
150.95.29.64200 OK 47 kB URL HTTP/1.1 cpy.co.th/css/animate.min.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (45426), with CRLF line terminators
Hash 50bd490b6cc99bf576f8eb8e47ea3a42
4d21806b8bd6a19b0003802cb5fc5d5d6829c99d
8b2d991f4c070d7e1b86562bc2e7fe153464ffa5ce9d7fba29728a34772869f6
GET /css/animate.min.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "e5edeeed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:00 GMT
Content-Length: 46587
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7426
Expires: Thu, 02 Feb 2023 10:32:47 GMT
Date: Thu, 02 Feb 2023 08:29:01 GMT
Connection: keep-alive
cpy.co.th/css/nivo-lightbox.css
150.95.29.64200 OK 5.9 kB URL HTTP/1.1 cpy.co.th/css/nivo-lightbox.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash d711771f2996c95346d28e580bbbef19
1a0f5eeb751838df3bca31f7e64ebb81e18c25fc
2fef9d9d2660e110c41e821e2f0f61ee85beea7cbfbac99c332fa86f75779561
GET /css/nivo-lightbox.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "6312f6ed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:00 GMT
Content-Length: 5906
cpy.co.th/css/nivo_themes/default/default.css
150.95.29.64200 OK 3.0 kB URL HTTP/1.1 cpy.co.th/css/nivo_themes/default/default.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash acb3a483d52368a202dbd381cf3bc0f9
4137030360fe086f9e492521d0a642be81bc568f
2eb1b08f89a7302734b17943b715c1e169c1afaf7be352569ef17463a5d4f017
GET /css/nivo_themes/default/default.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "ff9bffed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:00 GMT
Content-Length: 3008
cpy.co.th/css/style.css
150.95.29.64200 OK 12 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 2e4c61e53c348c2a10c5dcba9f1e45fa
5a9eb0d10a9fffe445663018449db43aeee693a6
80b13bca3905db2681515abb939138f4867bb14e226b678e0ae308026d22f7a5
GET /css/style.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "6312f6ed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:00 GMT
Content-Length: 11642
cpy.co.th/css/font-awesome.min.css
150.95.29.64200 OK 27 kB URL HTTP/1.1 cpy.co.th/css/font-awesome.min.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (26548), with CRLF line terminators
Hash 1587f8872e13fa1dbe7f3535f684774f
4c2c5f5f6cc86d775a44b944661e038b7be98149
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
GET /css/font-awesome.min.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "79b0f3ed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:00 GMT
Content-Length: 26715
cpy.co.th/js/jquery.parallax.js
150.95.29.64200 OK 1.9 kB URL HTTP/1.1 cpy.co.th/js/jquery.parallax.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 410bf27405e60b97df3f02bdfc83bfbd
779cf65a01c7a093e01620918b1a80f0b9d8aa76
114c26e9b0108ffd803a3742cb5e9eb507641730ed4df9c911a46c3d58669d4b
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.parallax.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "6131d6ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 1899
push.services.mozilla.com/
54.149.13.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.13.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2uAn5gEBASUyCSmxdmmVLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fLnOiDFt3fdor6rCerzVB9+876s=
cpy.co.th/js/jquery.js
150.95.29.64200 OK 96 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (32086), with CRLF line terminators
Hash 4dc834d16a0d219d5c2b8a5b814569e4
4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "c06ad1ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 95790
cpy.co.th/js/nivo-lightbox.min.js
150.95.29.64200 OK 6.8 kB URL HTTP/1.1 cpy.co.th/js/nivo-lightbox.min.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (6569), with CRLF line terminators
Hash 56a1dcf1a4298ebc6674c236326d680d
d559570325320462063f52d79ac89c6932bd99a9
2ef334527e857602c846d55b02c677481ec9606d2344be33d501a165d6ae0800
Analyzer Verdict Alert fortinet Phishing
GET /js/nivo-lightbox.min.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "6131d6ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 6784
cpy.co.th/css/bootstrap.min.css
150.95.29.64200 OK 122 kB URL HTTP/1.1 cpy.co.th/css/bootstrap.min.css
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 122 kB (122544 bytes)
Hash 3e53c6843a02b42ed881307d0c17af7d
f2cd0488a33734345987059e7c183ba88dd4c213
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
GET /css/bootstrap.min.css HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "e5edeeed5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:00 GMT
Content-Length: 122544
cpy.co.th/js/wow.min.js
150.95.29.64200 OK 7.1 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (7052), with CRLF line terminators
Hash b97943d1aa290cf30b0a46f5d450f640
6e686e8163cbffe4b3db652a9075c1b3da51f56e
e32f86f81b06f177e78439f588a7a57382819e6ef19d6b2235748a6b4e98f218
Analyzer Verdict Alert fortinet Phishing
GET /js/wow.min.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "2eb9dfee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 7083
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cpy.co.th
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:13:04 GMT
expires: Fri, 02 Feb 2024 03:13:04 GMT
cache-control: public, max-age=31536000
age: 18957
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cpy.co.th
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 14:07:32 GMT
expires: Thu, 01 Feb 2024 14:07:32 GMT
cache-control: public, max-age=31536000
age: 66089
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cpy.co.th/js/custom.js
150.95.29.64200 OK 880 B IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 096e2a240d5ca7514f11b6020605b635
0976781fbffc031884a8632a45492505d76347f2
cc4b72ea2bed5c4e9bc9c79d5ea0165e39c482d0a51f685a00ce7c616ea46f12
Analyzer Verdict Alert fortinet Phishing
GET /js/custom.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:58 GMT
Accept-Ranges: bytes
ETag: "ad81c5ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 880
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 08:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js
142.250.74.99200 OK 227 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2599)
Size 227 kB (227161 bytes)
Hash e3fcdb3b625ae8f6058df005fbac1b91
9cd25835e9e08695c0114f57a5abf4d3437b1619
97fcf9ad8137f24c0f74e5450b2b4a01d87dfa70678130187fe13c1614ab419b
GET /maps-api-v3/embed/js/51/8/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 227161
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 19:04:02 GMT
expires: Thu, 01 Feb 2024 19:04:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 18:44:31 GMT
content-type: text/javascript
age: 48299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cpy.co.th/fonts/fontawesome-webfont.woff2?v=4.4.0
150.95.29.64200 OK 64 kB URL HTTP/1.1 cpy.co.th/fonts/fontawesome-webfont.woff2?v=4.4.0
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Hash 4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
GET /fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cpy.co.th/css/font-awesome.min.css
HTTP/1.1 200 OK
Content-Type: font/x-woff2
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "fe371cee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 64464
cpy.co.th/images/logo.png
150.95.29.64200 OK 32 kB URL HTTP/1.1 cpy.co.th/images/logo.png
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type PNG image data, 323 x 146, 8-bit/color RGBA, non-interlaced\012- data
Hash cfef29c3a5da8f0bdcbcaed89dcdbae1
479eddad5578b7d7f836b9fed0040e001ffdb5f6
bbb0136f97bbd08b968fe30b421a8d6d8574be1f1cb38173fee9bbbf037a63af
GET /images/logo.png HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "30e82cee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 32013
cpy.co.th/js/smoothscroll.js
150.95.29.64200 OK 4.5 kB URL HTTP/1.1 cpy.co.th/js/smoothscroll.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (2272), with CRLF line terminators
Hash 0ccfabec16a2d85465912b7efa283266
fca372ccf31344376a9de0c752105662cbd41951
97e85150d0aaf78199af82a0b795806a71259b2eaa99b96a7bdf6c391c8b62d3
Analyzer Verdict Alert fortinet Phishing
GET /js/smoothscroll.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:59 GMT
Accept-Ranges: bytes
ETag: "2eb9dfee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 4451
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7457
Expires: Thu, 02 Feb 2023 10:33:19 GMT
Date: Thu, 02 Feb 2023 08:29:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7457
Expires: Thu, 02 Feb 2023 10:33:19 GMT
Date: Thu, 02 Feb 2023 08:29:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: 79840c68-3e99-428d-9c01-9e4a93a34486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUzH1-oAMFiwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1e-5bb93c5126aaff474900da63;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mc8C-oesi4njIn2K2f56GKuyt6erRJAqCU-B4InhTD8oIoqo4s5-Fg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:43 GMT
age: 36619
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 37015
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a62a4f48037f1f84b8fd03347daf9ab9
e67e666749b07a0d343d1d0f74d59155ba25d687
5a9ebe1bec39e5d69b20c9747f32c85be906cddba92501052d54dc9a37d3c52d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d807a49-adb3-465b-bdcf-f7b8f276af86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2874
x-amzn-requestid: 0102a009-be1f-4890-97db-674ebd79e449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frep5EBOoAMFgiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3f-371af67b2cc767ed35cb81d6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SESv5V3aaPbGjrzWVKLl6iZuSJPqP-L6xL8KeyxoHawgJfOdgTiEw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 36616
etag: "e67e666749b07a0d343d1d0f74d59155ba25d687"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 37015
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif
34.120.237.76200 OK 45 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif
IP 34.120.237.76:0
File type GIF image data, version 89a, 296 x 148\012- data
Hash 54d9e8efcff3cc7fa309dc41e89c2a26
fa1cd58cf243d18f360e4394a02bee994e738c0a
4dd37eec5c27d911c3193c7ba08c10a8ec2526eac48c9b6a2a4ec49502cf189a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a36c4fb-50d9-4aa0-bfa2-db52c0bc2f9a.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 44860
x-amzn-requestid: 318e5c01-c024-4c5e-8422-e6cba20b8dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaTEeBoAMFesA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-4b775cdc759aac341f2aff9a;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RNTdoFKkQh9Ecvr_PfYLCxtibL-ex58YUx94NOmyV1W_0uHNi8ep-w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 03:02:02 GMT
age: 19620
etag: "fa1cd58cf243d18f360e4394a02bee994e738c0a"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb20c182-a39b-4222-8a27-155f67b554ab.webp
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb20c182-a39b-4222-8a27-155f67b554ab.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c0980cc80018f2218e1a5a7336a4bcc
461e33619154423dbbf49407a80b70ade9078593
4375676d6ce36b3ec3923eefe2007bb96d96135dae10103a886c24fc9063fce9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb20c182-a39b-4222-8a27-155f67b554ab.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3541
x-amzn-requestid: f65e4be6-20ff-4f14-a722-d6c2c4631a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5YHQqoAMFeBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6f-5f9183ed1c2cb640249c2b09;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dhCNUaZl9ATxaIgoLz8bF1ZxjW31vJ6rx-BLhIKVjmoG4tPFH7WZZQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 36231
etag: "461e33619154423dbbf49407a80b70ade9078593"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cpy.co.th/js/bootstrap.min.js
150.95.29.64200 OK 37 kB URL HTTP/1.1 cpy.co.th/js/bootstrap.min.js
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash e7d9a06cf9053c51cd4ad3386da0659a
e45bf1054704a1fdfc4ee2713a16bf9283dea995
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2022 22:16:58 GMT
Accept-Ranges: bytes
ETag: "ad81c5ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 36822
cpy.co.th/images/footer-bg.jpg
150.95.29.64200 OK 276 kB URL HTTP/1.1 cpy.co.th/images/footer-bg.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2017:05:07 12:33:51], baseline, precision 8, 1200x801, components 3\012- data
Size 276 kB (275685 bytes)
Hash 73962d8cd9af28e7ac0134b2dbd0f02a
3a379ce3f6b751f6b50def3c58cd958568dbcc24
9ca8d12b5533e926c6c4885c02e128cd01dd5a63ff4f3d551b366f31df4593ac
GET /images/footer-bg.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "b7c125ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:02 GMT
Content-Length: 275685
cpy.co.th/favicon.ico
150.95.29.64404 Not Found 13 kB IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11800), with CRLF line terminators
Hash 65c24930559e15f03415300adbf7285c
4829992d93a203c4aa196e98fcb9fb0a7d4f9e83
3273fbc5b0b3f10fa0e78ac5de8c397606fae0068583b671c8c695f71f2446e4
GET /favicon.ico HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:07 GMT
Content-Length: 12579
cpy.co.th/images/charoensin-img1.jpg
150.95.29.64200 OK 538 kB URL HTTP/1.1 cpy.co.th/images/charoensin-img1.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2017:05:07 16:24:22], progressive, precision 8, 934x1158, components 3\012- data
Size 538 kB (538282 bytes)
Hash cd97583360e111b3b93e7178bbe41b37
b041f2516c12a8beff7e0d800fbc7628ffe217a5
0f13939d9c8eb30134bc125a020c26c5b17323dac9890d0e8c5eb26b9a6a029a
GET /images/charoensin-img1.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "545f23ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 538282
cpy.co.th/images/kata-img1.JPG
150.95.29.64200 OK 493 kB URL HTTP/1.1 cpy.co.th/images/kata-img1.JPG
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=1280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=960], progressive, precision 8, 926x1158, components 3\012- data
Size 493 kB (492954 bytes)
Hash f3d266b618a3888e77f8c9d5b58c1d9b
0781d9babe97dbeecad1f729af9a3cff117dc0f8
7d88636256771a4dc5e9a0140c274ce3dfaf751f955cfb4a0aa8bc97d09655b5
Analyzer Verdict Alert fortinet Phishing
GET /images/kata-img1.JPG HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "48862aee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 492954
cpy.co.th/images/home-bg.jpg
150.95.29.64200 OK 0 B URL HTTP/1.1 cpy.co.th/images/home-bg.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
GET /images/home-bg.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "30e82cee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:02 GMT
Content-Length: 4749169
cpy.co.th/images/product-img1.jpg
150.95.29.64200 OK 0 B URL HTTP/1.1 cpy.co.th/images/product-img1.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
GET /images/product-img1.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "89f34ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:02 GMT
Content-Length: 1916769
cpy.co.th/images/hl-phuket-img1.jpg
150.95.29.64200 OK 0 B URL HTTP/1.1 cpy.co.th/images/hl-phuket-img1.jpg
IP 150.95.29.64:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
GET /images/hl-phuket-img1.jpg HTTP/1.1
Host: cpy.co.th
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cpy.co.th/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sat, 29 Jan 2022 22:16:57 GMT
Accept-Ranges: bytes
ETag: "b7c125ee5d15d81:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 02 Feb 2023 08:29:01 GMT
Content-Length: 691791