| nk.checkpoin681.click/12345 | 4.193.51.28 | | 4.2 kB |
URL: nk.checkpoin681.click/12345 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: HTML document, Unicode text, UTF-8 text, with very long lines (565) | Hash: 6d77d32665017853753a8feb0e5f03e2 83f8ef33676a204525340619e5dde2797d95cd3a 99ccdd4b5d054e43186c1a7d64bc2bf95d0d4ed56b2f94f60d7f3bbb9aa7e0d0
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Facebook, Inc. |
GET /12345 HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
|
|
| player.vimeo.com/api/player.js | 162.159.138.60 | | 11 kB |
URL: player.vimeo.com/api/player.js | IP: 162.159.138.60:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (37717) | Hash: bfc1fdb7ce042868fce549b271d1c0bc bb3606efb09dd7f5c884295b6e711b77c74b93db 7ca8d104a83cbe3ecbbf319589825e678c69e8edf97a760336f8cfd63a69ea06
GET /api/player.js HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: application/javascript;charset=utf-8
Content-Length: 11254
Connection: keep-alive
access-control-allow-origin: *
Cache-Control: max-age=1800
content-security-policy: default-src 'none'; style-src 'unsafe-inline'
expires: Thu, 18 Apr 2024 16:27:04 GMT
x-player-backend: g
x-backend-server: player-backend-edge-entry
x-bapp-server:
Content-Encoding: gzip
accept-ranges: bytes
via: 1.1 varnish
Age: 1478
x-served-by: cache-osl6521-OSL
x-cache: HIT
x-cache-hits: 827
x-timer: S1713471703.266334,VS0,VE0
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=7gDJtSG2x9ymY5xcrORE9lVWkYr8d2OCJXkqKtjVI3U-1713471703-1.0.1.1-Q_yV2k_zPdrmQjiGK6PsAUvpC2WgKJizDtDhTyplm9zzSjxejPcUI6q03hMhPa80p9CwmuFErPsDmlHp2oJNtA; path=/; expires=Thu, 18-Apr-24 20:51:43 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
_cfuvid=WbBknFhgeWeew2iOZWdiUHRzZHNxmey0p5zMGWifJaQ-1713471703267-0.0.1.1-604800000; path=/; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 87675ce15a56b4fa-OSL
|
|
| apis.google.com/js/api.js | 142.250.74.110 | | 5.9 kB |
URL: apis.google.com/js/api.js | IP: 142.250.74.110:0
File type: JavaScript source, ASCII text, with very long lines (2054) | Hash: fcb94b60f5baa41e591afc6cab73a55c 09fd4db039d6f9fb8315817b48d56357c0d9de54 858530159a38c73530e5e4c4f07497d2fa4d1d54398b4a093e9851f9a239295e
GET /js/api.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 5903
date: Thu, 18 Apr 2024 20:21:43 GMT
expires: Thu, 18 Apr 2024 20:21:43 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "e30c79398fadde6b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/9a0939d3/www-widgetapi.vflset/www-widgetapi.js | 216.58.207.238 | | 48 kB |
URL: www.youtube.com/s/player/9a0939d3/www-widgetapi.vflset/www-widgetapi.js | IP: 216.58.207.238:0
File type: JavaScript source, ASCII text, with very long lines (570) | Hash: d5e4c439b296ee3d5c5eba18ae30e1e1 a1fca8cf4aa55704009e8a79bb7c69a7c4527bd3 393699c2314dc1e25ff5d748cdd9eb8ae727fa439c5d5ab507e39b16e68c978f
GET /s/player/9a0939d3/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 47552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:51:06 GMT
expires: Wed, 16 Apr 2025 10:51:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Oct 2021 22:05:02 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 207037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/light.min.css | 4.193.51.28 | | 620 B |
URL: nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/light.min.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: ASCII text, with very long lines (477) | Hash: 51d00c2e3bd34e674097fca68cc0413d c294772f9ec03dcea9718cf8bbb1233249efb035 52d5e428100b3c00d0db976d06e49a8f23894104cdd33bed95093e9f0c43f4e6
GET /assets/font/fontawesome-pro-5.15.2/css/light.min.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 620
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-26c"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/solid.min.css | 4.193.51.28 | | 624 B |
URL: nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/solid.min.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: ASCII text, with very long lines (481) | Hash: ae6d5e1ee5483c00145805a48ea81573 f06f353972f41ec325c1cb61d381a4866c6f6207 0ae4eb2a13046f28af8d13d707ca1616bb236b0fd00d0784b14b423ad55950f9
GET /assets/font/fontawesome-pro-5.15.2/css/solid.min.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 624
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-270"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/brands.min.css | 4.193.51.28 | | 632 B |
URL: nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/brands.min.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: ASCII text, with very long lines (489) | Hash: 326321d2cbee63e93cb4c5d2821316a3 c6641246a29f5fef3e8d56e0bd133b684c211400 c38354a04ff57716714e9c23080d41bb29ee8b89a18dc4c78e587270596e6920
GET /assets/font/fontawesome-pro-5.15.2/css/brands.min.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 632
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-278"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/regular.min.css | 4.193.51.28 | | 632 B |
URL: nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/regular.min.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: ASCII text, with very long lines (489) | Hash: a80ed755e46c3cfe903bab5a50c1c2ce 93b905116befec4fb463c474ab469fa476545a01 7accee75e0a023ce7d08f70cedc4d0cdd6cd2caac5f5ab90b281c32ea2e6f3de
GET /assets/font/fontawesome-pro-5.15.2/css/regular.min.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 632
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-278"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| salekit.page/assets/js/youtube_preview.js | 4.193.51.28 | | 1.8 kB |
URL: salekit.page/assets/js/youtube_preview.js | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: 3bde9b21c6db31992251a36bed87fc98 3c7ff7a5719a41b0427af7113e46cf1bac39f1c6 9b052c9afa890f0acbccf223aae9dd76cfa947a2b7b62f4e9bc1e1e4691298d1
GET /assets/js/youtube_preview.js HTTP/1.1
Host: salekit.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: application/javascript
Content-Length: 1844
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-734"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| salekit.page/assets/builder/js_funel/submit_form.js?v=55 | 4.193.51.28 | | 8.5 kB |
URL: salekit.page/assets/builder/js_funel/submit_form.js?v=55 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: 16c3c702528ad30fe509f7344656d973 ca6adfd5b9133ffbff585d9fa6185ea6612e99d1 60240d4abbc5587841c152d85c0cb9e42b5da4800cebe3b91f02678964e5f413
GET /assets/builder/js_funel/submit_form.js?v=55 HTTP/1.1
Host: salekit.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: application/javascript
Content-Length: 8485
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-2125"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| salekit.page/assets/js/animate_text.js?v=55 | 4.193.51.28 | | 6.8 kB |
URL: salekit.page/assets/js/animate_text.js?v=55 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: JavaScript source, ASCII text | Hash: 28d03e7cb275c13dcfe77f2a7f88eff3 878e1c233a94aaa2d971cda72b75c5b70a8ea90c 71d366e008f9b4013647ea6c2cd4357a41869d37df6e8dd93f6f908c3cbfca85
GET /assets/js/animate_text.js?v=55 HTTP/1.1
Host: salekit.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: application/javascript
Content-Length: 6775
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-1a77"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| salekit.page/assets/js/snowfall.js?v=55 | 4.193.51.28 | | 3.1 kB |
URL: salekit.page/assets/js/snowfall.js?v=55 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: d3915e2e744860ec42912c2580b9141a 35c4e50546f7de51a56a1de5ad0d509cc5b06416 3b9daa4200623260f8d01adc3e03886a46bd4e4890d2368e5cec0a26e2b7dc29
GET /assets/js/snowfall.js?v=55 HTTP/1.1
Host: salekit.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: application/javascript
Content-Length: 3050
Last-Modified: Fri, 22 Mar 2024 03:39:04 GMT
Connection: keep-alive
ETag: "65fcfd58-bea"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| salekit.page/assets/js/after_main.js?v=55 | 4.193.51.28 | | 499 B |
URL: salekit.page/assets/js/after_main.js?v=55 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: e5e90bc3259f3a367425ad070c5b91e9 7f34b978bd993d17e8a3c6ab534be929c8d94bfc 4786777310a9ee28d750e5a3e9e010e57365eaaa9ce07ed1998e86217dd65268
GET /assets/js/after_main.js?v=55 HTTP/1.1
Host: salekit.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: application/javascript
Content-Length: 499
Last-Modified: Thu, 04 Apr 2024 03:34:48 GMT
Connection: keep-alive
ETag: "660e1fd8-1f3"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/lib/carousel/owl.carousel.min.css | 4.193.51.28 | | 3.4 kB |
URL: nk.checkpoin681.click/assets/lib/carousel/owl.carousel.min.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: ASCII text, with very long lines (3184) | Hash: b2752a850d44f50036628eeaef3bfcfa fba46353cf90450ef3d362a123f1e7af3e8c561e 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
GET /assets/lib/carousel/owl.carousel.min.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 3351
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-d17"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/css/reset_css.css?v=55 | 4.193.51.28 | | 15 kB |
URL: nk.checkpoin681.click/assets/css/reset_css.css?v=55 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: a83d0e72a594299b4536aa115a5ccc93 66e7d94a3dc44cf326415a006d39c925359f77ee ddb4d089b754ba7cc492947f369d7979280b3b2d570a816d5cc551c9d0633c57
GET /assets/css/reset_css.css?v=55 HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 15434
Last-Modified: Fri, 22 Mar 2024 03:39:04 GMT
Connection: keep-alive
ETag: "65fcfd58-3c4a"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/lib/animate.min.css?v=55 | 4.193.51.28 | | 72 kB |
URL: nk.checkpoin681.click/assets/lib/animate.min.css?v=55 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: ASCII text, with very long lines (65348) | Hash: ee0e52e59c8e132545ad8689a47a70dd c2f2f627664aeb173e027ef00a81065353c4ce0e 0aad071474d584970d2165131984a67a27c11beb8001b2a8665123a189ffaba7
GET /assets/lib/animate.min.css?v=55 HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 71772
Last-Modified: Wed, 06 Mar 2024 04:41:13 GMT
Connection: keep-alive
ETag: "65e7f3e9-1185c"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/css/animate_text.css | 4.193.51.28 | | 15 kB |
URL: nk.checkpoin681.click/assets/css/animate_text.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: d58f7d401e7d09c7757278b0518bf7bc 3a61118169ad193753bb18020627551c0c4bd8c8 c1e803810f0135a01d93f55b96ffdc8891618f3a8ee1002c5b9ef2882d6329f0
GET /assets/css/animate_text.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 14589
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-38fd"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/duotone.min.css | 4.193.51.28 | | 82 kB |
URL: nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/duotone.min.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: ASCII text, with very long lines (65393) | Hash: b2ac7a0830df974f9c2dd619110a31f0 2180bf5a4c2b95eb9d298aa02a021dc7368ff6b6 b6efc91116e195b5a5c21effe3e31e00712e9f9087566ee0a1e089a2060bdbf9
GET /assets/font/fontawesome-pro-5.15.2/css/duotone.min.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 81475
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-13e43"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/fontawesome.css | 4.193.51.28 | | 113 kB |
URL: nk.checkpoin681.click/assets/font/fontawesome-pro-5.15.2/css/fontawesome.css | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size: 113 kB (112825 bytes) | Hash: 116f91364b44669772751a8765f60dc8 2c7f8c78f1cf0c285059e057fc78e43c7598ecdd 9254ca503935d1aa04f5939a28075e77a802f3b0f4438f24a1af3223efd7f23b
GET /assets/font/fontawesome-pro-5.15.2/css/fontawesome.css HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: text/css
Content-Length: 112825
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-1b8b9"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/assets/lib/carousel/owl.carousel.min.js | 4.193.51.28 | | 44 kB |
URL: nk.checkpoin681.click/assets/lib/carousel/owl.carousel.min.js | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: JavaScript source, ASCII text, with very long lines (31997) | Hash: f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
GET /assets/lib/carousel/owl.carousel.min.js HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:44 GMT
Content-Type: application/javascript
Content-Length: 44342
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-ad36"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| salekit.page/assets/js/main_preview.js?v=55 | 4.193.51.28 | | 135 kB |
URL: salekit.page/assets/js/main_preview.js?v=55 | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (369) | Size: 135 kB (135157 bytes) | Hash: 485e01ba91f158a46666612f9904c56e d8ca7a402b8915e0960e25c8b2fd60b99ec5b30f 3b8a5d702006b97a5f080768b9cb63f44f837658b4424305e8586a26ee5c9904
GET /assets/js/main_preview.js?v=55 HTTP/1.1
Host: salekit.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:43 GMT
Content-Type: application/javascript
Content-Length: 135157
Last-Modified: Thu, 04 Apr 2024 10:57:28 GMT
Connection: keep-alive
ETag: "660e8798-20ff5"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| nk.checkpoin681.click/661607858d109d280322bf8e/lib_js/constant | 4.193.51.28 | | 1.0 kB |
URL: nk.checkpoin681.click/661607858d109d280322bf8e/lib_js/constant | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: 80da47a659972f46184a9ddc89d713f6 9679398c916a6b6f9e8531015a469f012e563c0e f9e5387f0083d908203581ef7b3987b4977640f9ae9a92976065d7a805117849
GET /661607858d109d280322bf8e/lib_js/constant HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:44 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
|
|
| nk.checkpoin681.click/assets/lib/jquery.2.1.1.min.js | 4.193.51.28 | | 84 kB |
URL: nk.checkpoin681.click/assets/lib/jquery.2.1.1.min.js | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: JavaScript source, ASCII text, with very long lines (32061) | Hash: e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /assets/lib/jquery.2.1.1.min.js HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:44 GMT
Content-Type: application/javascript
Content-Length: 84245
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-14915"
Pragma: public
Cache-Control: public
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
|
|
| salekit.page/assets/images/logo/salekitio_logo.png | 4.193.51.28 | | 4.1 kB |
URL: salekit.page/assets/images/logo/salekitio_logo.png | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: PNG image data, 160 x 38, 8-bit/color RGBA, non-interlaced | Hash: 219971be9d8e987f1c8033f9f89c4982 ff6a66460f1866fbbf53e79786ecbf73679f45fb dc3319e242336ba2deed244cb53835b334aa3e44ee87db75e86e82d7d45717c9
GET /assets/images/logo/salekitio_logo.png HTTP/1.1
Host: salekit.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:44 GMT
Content-Type: image/png
Content-Length: 4114
Last-Modified: Mon, 26 Feb 2024 04:50:23 GMT
Connection: keep-alive
ETag: "65dc188f-1012"
Accept-Ranges: bytes
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 216.58.207.227 | | 16 kB |
URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 15740, version 1.0 | Hash: b9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nk.checkpoin681.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:32:46 GMT
expires: Fri, 18 Apr 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 64138
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nk.checkpoin681.click/apiv1/landingpage/updateView | 4.193.51.28 | | 15 B |
URL: nk.checkpoin681.click/apiv1/landingpage/updateView | IP: 4.193.51.28:0 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash: ba5b6723e9df7319a90175587a04bc4e beaee247c79d096b01998af4f35eefaa512750c6 d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
POST /apiv1/landingpage/updateView HTTP/1.1
Host: nk.checkpoin681.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 29
Origin: https://nk.checkpoin681.click
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/12345
Cookie: PHPSESSID=nlh69ncrclaok9smnunqpsl8t0; 661607858d109d280322bf8e=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 20:21:46 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
|
|
| photo.salekit.com/uploads/salepage_661606b68d109d280322bf8c/11111.png | 14.225.18.24 | | 259 kB |
URL: photo.salekit.com/uploads/salepage_661606b68d109d280322bf8c/11111.png IP: 14.225.18.24:0 ASN: #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type: PNG image data, 1920 x 921, 8-bit/color RGBA, interlaced Size: 259 kB (258873 bytes) Hash: 0d4da4745acfe0dcda0e1b8688ad2403 de9c436a2d402113cccbcdf8b43267a35d1a88eb e69f8d0e838453201b6e459e07bfb1cca5f976083f0d46836fb6f43696787518
GET /uploads/salepage_661606b68d109d280322bf8c/11111.png HTTP/1.1
Host: photo.salekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 18 Apr 2024 20:21:45 GMT
content-type: image/png
content-length: 258873
last-modified: Wed, 10 Apr 2024 03:59:59 GMT
etag: "66160ebf-3f339"
expires: Sat, 18 May 2024 20:21:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| photo.salekit.com/uploads/salepage_661606b68d109d280322bf8c/vip3.gif | 14.225.18.24 | | 733 kB |
URL: photo.salekit.com/uploads/salepage_661606b68d109d280322bf8c/vip3.gif IP: 14.225.18.24:0 ASN: #135905 VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
File type: GIF image data, version 89a, 500 x 600 Size: 733 kB (732618 bytes) Hash: 1dc8719c81b43a9e43caa02e58bbe6cf f9c53374a4e9752c5794dfa6db946325a4f4cd43 3250e092d1039e48de8ae20d7249ae5d142552fdedcdae6ee844cd46e3819337
GET /uploads/salepage_661606b68d109d280322bf8c/vip3.gif HTTP/1.1
Host: photo.salekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nk.checkpoin681.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 18 Apr 2024 20:21:45 GMT
content-type: image/gif
content-length: 732618
last-modified: Wed, 10 Apr 2024 03:59:37 GMT
etag: "66160ea9-b2dca"
expires: Sat, 18 May 2024 20:21:45 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| | 203.205.10.134 | 200 OK | 12 kB |
URL: User Request GET HTTP/2 IP: 203.205.10.134:443 ASN: #45903 CMC Telecom Infrastructure Company
Certificate: Issuer: ZeroSSL Subject: kh.cighelp.click Fingerprint: AA:DD:08:4C:67:B6:D2:AC:4F:71:B3:D1:6A:2B:78:B2:42:A6:10:CE Validity: Fri, 12 Apr 2024 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (22389), with CR, LF line terminators Hash: d1ed82b4a39b27a691c0bbe1c29c80eb f110592dd48f2409c363c988bb9593fe09a4e153 9eec1050099b47a7412539c79aa91b982e6c7e4ff0cd452f6072e4b08d0f147d
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
| OpenPhish | phishing | Facebook, Inc. |
GET /7 HTTP/1.1
Host: kh.cighelp.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.19.3.2
date: Thu, 18 Apr 2024 20:21:49 GMT
content-type: text/html; charset=utf-8
content-length: 12304
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
vary: accept-encoding
x-request-id: F8d5cOtYHeSpFjoIs2uB
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 216.58.207.227:443
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kh.cighelp.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 239238
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kh.cighelp.click
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 186851
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| kh.cighelp.click/address_wc/address.84.min.js?v=1 | 203.205.10.134 | 200 OK | 89 kB |
URL: GET HTTP/2 kh.cighelp.click/address_wc/address.84.min.js?v=1 IP: 203.205.10.134:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: ZeroSSL Subject: kh.cighelp.click Fingerprint: AA:DD:08:4C:67:B6:D2:AC:4F:71:B3:D1:6A:2B:78:B2:42:A6:10:CE Validity: Fri, 12 Apr 2024 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (58425) Hash: bcce9fe11b6a03f20fe1e6e8b55b1aee 67f9bab35bc2d85020b96e0c46e4178b9d7a8bc9 eb391c914c6c4ee5aa01ae03eaddf7d09acad25535a9f2cb31da425f347fd065
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /address_wc/address.84.min.js?v=1 HTTP/1.1
Host: kh.cighelp.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.3.2
date: Thu, 18 Apr 2024 20:21:49 GMT
content-type: application/javascript
content-length: 89268
service-worker-allowed: /
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "7C47507"
vary: Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| kh.cighelp.click/page_view.gif?pid=04437df7-5f27-484c-94e8-6b14f72c6fbd | 203.205.10.134 | 200 OK | 35 B |
URL: GET HTTP/2 kh.cighelp.click/page_view.gif?pid=04437df7-5f27-484c-94e8-6b14f72c6fbd IP: 203.205.10.134:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: ZeroSSL Subject: kh.cighelp.click Fingerprint: AA:DD:08:4C:67:B6:D2:AC:4F:71:B3:D1:6A:2B:78:B2:42:A6:10:CE Validity: Fri, 12 Apr 2024 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
File type: GIF image data, version 89a, 1 x 1 Hash: c2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /page_view.gif?pid=04437df7-5f27-484c-94e8-6b14f72c6fbd HTTP/1.1
Host: kh.cighelp.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.3.2
date: Thu, 18 Apr 2024 20:21:49 GMT
content-type: image/gif
content-length: 35
cache-control: max-age=0, private, must-revalidate
x-request-id: F8d5cQbtOqpYjwcIUv7D
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| kh.cighelp.click/webcake/v4/fff57a8c-ca66-4e3b-96df-5a0e55363edb | 203.205.10.134 | 200 OK | 110 kB |
URL: GET HTTP/2 kh.cighelp.click/webcake/v4/fff57a8c-ca66-4e3b-96df-5a0e55363edb IP: 203.205.10.134:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: ZeroSSL Subject: kh.cighelp.click Fingerprint: AA:DD:08:4C:67:B6:D2:AC:4F:71:B3:D1:6A:2B:78:B2:42:A6:10:CE Validity: Fri, 12 Apr 2024 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65470) Size: 110 kB (110073 bytes) Hash: 9c167466da191511970c71204bd80ed3 9d9ce183a58d5417da95324d798a856015fa9874 8449b66969fc2bc8d3ca8b90c0a368cc28f25862bdb2f5bee70818f1ad72eb95
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /webcake/v4/fff57a8c-ca66-4e3b-96df-5a0e55363edb HTTP/1.1
Host: kh.cighelp.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.3.2
date: Thu, 18 Apr 2024 20:21:49 GMT
content-length: 110073
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
vary: accept-encoding
x-request-id: F8d5cQbXuGofP1d25LzD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| api.webcake.io/render_iconfont/iconfont.css?v=1 | 113.20.119.13 | 200 OK | 302 B |
URL: GET HTTP/2 api.webcake.io/render_iconfont/iconfont.css?v=1 IP: 113.20.119.13:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Sectigo Limited Subject: *.webcake.io Fingerprint: 8D:AC:11:28:4F:78:54:5F:A1:F8:4E:EF:09:BB:29:11:40:A4:D2:30 Validity: Fri, 29 Sep 2023 00:00:00 GMT - Tue, 01 Oct 2024 23:59:59 GMT
Hash: e35bda369458e13a9de042dabef63b49 d37d221d9eee4bbaf39c66ef1c9907996a101c09 a7f565be47dcd36f197bdb273b3cdd06ac2ac12e7b7d44ac089f6461f9fe2394
GET /render_iconfont/iconfont.css?v=1 HTTP/1.1
Host: api.webcake.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Thu, 18 Apr 2024 20:21:50 GMT
content-type: text/css
content-length: 302
service-worker-allowed: /
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "2ED106"
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| api.webcake.io/animate/animatev4.css?v=1 | 113.20.119.13 | 200 OK | 6.7 kB |
URL: GET HTTP/2 api.webcake.io/animate/animatev4.css?v=1 IP: 113.20.119.13:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Sectigo Limited Subject: *.webcake.io Fingerprint: 8D:AC:11:28:4F:78:54:5F:A1:F8:4E:EF:09:BB:29:11:40:A4:D2:30 Validity: Fri, 29 Sep 2023 00:00:00 GMT - Tue, 01 Oct 2024 23:59:59 GMT
Hash: 9696d7f622ae25a26f8ea7d8ccf48b8b 10bf8ac510b34778c24c46208a98696a15758a64 5a0a021a59ca4c7381a7fc358ba5572400b1a9f47aee1bcb2d520f218991f447
GET /animate/animatev4.css?v=1 HTTP/1.1
Host: api.webcake.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Thu, 18 Apr 2024 20:21:50 GMT
content-type: text/css
content-length: 6707
service-worker-allowed: /
accept-ranges: bytes
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "4114F2F"
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| content.pancake.vn/1/s600x450/fwebp/e6/9f/8d/0e/838453201b6e459e07bfb1cca5f976083f0d46836fb6f43696787518.png | 113.20.119.10 | 200 OK | 27 kB |
URL: GET HTTP/2 content.pancake.vn/1/s600x450/fwebp/e6/9f/8d/0e/838453201b6e459e07bfb1cca5f976083f0d46836fb6f43696787518.png IP: 113.20.119.10:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Sectigo Limited Subject: *.pancake.vn Fingerprint: 4C:04:4A:05:69:92:1D:2B:AD:84:10:DC:24:50:2B:66:E9:C9:AB:1B Validity: Mon, 10 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 8a2e375898e417d5eae6ac759784594b 7edd048b065c3c25a8a3c65bc14bff834bc4fe2c 92fcdd7ccbf27b47513cb23b13cd7988d2ffd4c0816056bafeca1fc9b346c91c
GET /1/s600x450/fwebp/e6/9f/8d/0e/838453201b6e459e07bfb1cca5f976083f0d46836fb6f43696787518.png HTTP/1.1
Host: content.pancake.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 18 Apr 2024 20:21:50 GMT
content-type: image/webp
content-length: 26826
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: public, max-age=2505600
etag: 838453201b6e459e07bfb1cca5f976083f0d46836fb6f43696787518.png
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| content.pancake.vn/1/s700x450/fwebp/72/4b/22/21/399f6ab069d66e4c8059ec058258dc61907c0a1eadcbe63791bc1af9.jpg | 113.20.119.10 | 200 OK | 5.3 kB |
URL: GET HTTP/2 content.pancake.vn/1/s700x450/fwebp/72/4b/22/21/399f6ab069d66e4c8059ec058258dc61907c0a1eadcbe63791bc1af9.jpg IP: 113.20.119.10:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Sectigo Limited Subject: *.pancake.vn Fingerprint: 4C:04:4A:05:69:92:1D:2B:AD:84:10:DC:24:50:2B:66:E9:C9:AB:1B Validity: Mon, 10 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 686x429, Scaling: [none]x[none], YUV color, decoders should clamp Hash: d4f8775620519dbf90581a4c388ca124 e5f76e0318a47742ec0276dcd02ede2e227b0f0a f32c8d948a69e9c46a37104aa37a73255b623ef556248781eb7212576e34b92c
GET /1/s700x450/fwebp/72/4b/22/21/399f6ab069d66e4c8059ec058258dc61907c0a1eadcbe63791bc1af9.jpg HTTP/1.1
Host: content.pancake.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 18 Apr 2024 20:21:50 GMT
content-type: image/webp
content-length: 5348
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: public, max-age=2505600
etag: 399f6ab069d66e4c8059ec058258dc61907c0a1eadcbe63791bc1af9.jpg
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kh.cighelp.click/sync/04437df7-5f27-484c-94e8-6b14f72c6fbd | 203.205.10.134 | 200 OK | 65 B |
URL: GET HTTP/2 kh.cighelp.click/sync/04437df7-5f27-484c-94e8-6b14f72c6fbd IP: 203.205.10.134:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: ZeroSSL Subject: kh.cighelp.click Fingerprint: AA:DD:08:4C:67:B6:D2:AC:4F:71:B3:D1:6A:2B:78:B2:42:A6:10:CE Validity: Fri, 12 Apr 2024 00:00:00 GMT - Thu, 11 Jul 2024 23:59:59 GMT
Hash: 59413744ae5c322acb759e834d27bcef 213d148985d39261e3c33fadb7f232bdc8527e5e 3f2075ae1e3ca7261c17558ee154020f661b4a3aa4422a2ced569d52df3cd141
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Facebook |
GET /sync/04437df7-5f27-484c-94e8-6b14f72c6fbd HTTP/1.1
Host: kh.cighelp.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/7
Cookie: _p_session_id=04f8b5a3-289a-42db-89e8-9d360a3e329d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.3.2
date: Thu, 18 Apr 2024 20:21:51 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: max-age=0, private, must-revalidate
x-request-id: F8d5cW3DJ6sEyBMIs22B
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| content.pancake.vn/1/s600x600/fwebp/49/8a/4a/b8/f3cc0cbc4cc23c304abdacdac4483b2636aecc0e33bc715d5a5966e7.png | 113.20.119.10 | 200 OK | 14 kB |
URL: GET HTTP/2 content.pancake.vn/1/s600x600/fwebp/49/8a/4a/b8/f3cc0cbc4cc23c304abdacdac4483b2636aecc0e33bc715d5a5966e7.png IP: 113.20.119.10:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Sectigo Limited Subject: *.pancake.vn Fingerprint: 4C:04:4A:05:69:92:1D:2B:AD:84:10:DC:24:50:2B:66:E9:C9:AB:1B Validity: Mon, 10 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image Hash: 4c4d16ece23112e1e39fe472bfa40fb4 5cdf94c8ffb463aaf1be76f70a5498617e1d0e9d 2649a3640d1a6f6d5ed4f3dd9719432fd4d4e6273fcb047954df8b61327ef74b
GET /1/s600x600/fwebp/49/8a/4a/b8/f3cc0cbc4cc23c304abdacdac4483b2636aecc0e33bc715d5a5966e7.png HTTP/1.1
Host: content.pancake.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Thu, 18 Apr 2024 20:21:51 GMT
content-type: image/webp
content-length: 14346
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: public, max-age=2505600
etag: f3cc0cbc4cc23c304abdacdac4483b2636aecc0e33bc715d5a5966e7.png
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| a.pancake.vn/js/app.js?vsn=d | 113.20.119.13 | 200 OK | 4.9 kB |
URL: GET HTTP/2 a.pancake.vn/js/app.js?vsn=d IP: 113.20.119.13:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Sectigo Limited Subject: *.pancake.vn Fingerprint: 4C:04:4A:05:69:92:1D:2B:AD:84:10:DC:24:50:2B:66:E9:C9:AB:1B Validity: Mon, 10 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (4869), with no line terminators Hash: 2256f1b3f8d83aae868f3e546a7fa5ec c59eb80f98846f38f28cfa496c824829ed39c789 74b62bbff4866e7a99770a845517c37ae2f1315f850b48028c1697038cb58c7f
GET /js/app.js?vsn=d HTTP/1.1
Host: a.pancake.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Thu, 18 Apr 2024 20:21:52 GMT
content-type: text/javascript
content-length: 4869
accept-ranges: bytes
cache-control: public, max-age=31536000
X-Firefox-Spdy: h2
|
|
| a.pancake.vn/collect?dl=https%3A%2F%2Fkh.cighelp.click%2F7&hn=kh.cighelp.click&sc=https%3A&sr=1280x1024&vp=1280x800&dt=Facebook&tid=ab-lp-04437df7-5f27-484c-94e8-6b14f72c6fbd&ts=1713471712690&_v=2.0&fr=&_aba=CPA2.1713471712688.3.0d3d7c58-6dd0-4d52-9161-499c14aecea4&_abd=CPD2.1713471712689.3.222366e4-5ab9-4bcb-9de2-be3b565155af&_abt=CPT2.1713471712689.3.e3d1af76-784d-4717-b884-2a8a00c782a6&campaign_id=null&campaign_variant_id=null | 113.20.119.13 | 200 OK | 35 B |
URL: GET HTTP/2 a.pancake.vn/collect?dl=https%3A%2F%2Fkh.cighelp.click%2F7&hn=kh.cighelp.click&sc=https%3A&sr=1280x1024&vp=1280x800&dt=Facebook&tid=ab-lp-04437df7-5f27-484c-94e8-6b14f72c6fbd&ts=1713471712690&_v=2.0&fr=&_aba=CPA2.1713471712688.3.0d3d7c58-6dd0-4d52-9161-499c14aecea4&_abd=CPD2.1713471712689.3.222366e4-5ab9-4bcb-9de2-be3b565155af&_abt=CPT2.1713471712689.3.e3d1af76-784d-4717-b884-2a8a00c782a6&campaign_id=null&campaign_variant_id=null IP: 113.20.119.13:443 ASN: #45903 CMC Telecom Infrastructure Company
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Sectigo Limited Subject: *.pancake.vn Fingerprint: 4C:04:4A:05:69:92:1D:2B:AD:84:10:DC:24:50:2B:66:E9:C9:AB:1B Validity: Mon, 10 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT
File type: GIF image data, version 89a, 1 x 1 Hash: c2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /collect?dl=https%3A%2F%2Fkh.cighelp.click%2F7&hn=kh.cighelp.click&sc=https%3A&sr=1280x1024&vp=1280x800&dt=Facebook&tid=ab-lp-04437df7-5f27-484c-94e8-6b14f72c6fbd&ts=1713471712690&_v=2.0&fr=&_aba=CPA2.1713471712688.3.0d3d7c58-6dd0-4d52-9161-499c14aecea4&_abd=CPD2.1713471712689.3.222366e4-5ab9-4bcb-9de2-be3b565155af&_abt=CPT2.1713471712689.3.e3d1af76-784d-4717-b884-2a8a00c782a6&campaign_id=null&campaign_variant_id=null HTTP/1.1
Host: a.pancake.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.15.8.2
date: Thu, 18 Apr 2024 20:21:53 GMT
content-type: image/gif
content-length: 35
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F8d5cd9k07cM8y4GJkpk
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:100,300,400,700,900&display=swap | 142.250.74.106 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,700,900&display=swap IP: 142.250.74.106:443
Requested by: https://kh.cighelp.click/7 Certificate: Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: 1eb0fc73df28026d228d100265553551 d8f0b28bc98e7a57a7f886994c7ceefd111f0a69 ca70f34d4f6f51f432835b3f8671fe4b4d2f43b048570e37474bbcec992ce4da
GET /css?family=Roboto:100,300,400,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kh.cighelp.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 20:21:49 GMT
date: Thu, 18 Apr 2024 20:21:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|