r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4b8b051d555b46b1e9e64faebf91b4ab
bdab7f1f4146f0e7c16665692e4f1edd83c10a24
e069730519f658e767ec8edb57edd8e2b1ccb18d4f0ade0920654eac18f83456
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E069730519F658E767EC8EDB57EDD8E2B1CCB18D4F0ADE0920654EAC18F83456"
Last-Modified: Tue, 17 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11230
Expires: Wed, 18 Jan 2023 14:04:07 GMT
Date: Wed, 18 Jan 2023 10:56:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12324
Expires: Wed, 18 Jan 2023 14:22:21 GMT
Date: Wed, 18 Jan 2023 10:56:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11063
Expires: Wed, 18 Jan 2023 14:01:20 GMT
Date: Wed, 18 Jan 2023 10:56:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 10:49:19 GMT
content-type: application/json
age: 458
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VajP+i2QMJF+A77TI9Le+7kAHWHeGexr6MheI13fuYTDdP8lbQ3KY19XL7F5YNPzz/zamXGFwIU=
x-amz-request-id: YBXTFWXJ0NCRJH5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 10:56:39 GMT
age: 18
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
h5.vbtdakm.top/
52.139.170.40301 Moved Permanently 166 B IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 10:56:57 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://h5.vbtdakm.top/
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 10:56:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 10:17:25 GMT
age: 2372
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc195676285917c2e9d84125a6ed7cb5
fedda003deba750341466b404bd7385256b44095
29d7887ec2926e1e5e1c35143c7a43c76db5e940d92589ff38ba7072510d3a64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29D7887EC2926E1E5E1C35143C7A43C76DB5E940D92589FF38BA7072510D3A64"
Last-Modified: Wed, 18 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 18 Jan 2023 16:56:57 GMT
Date: Wed, 18 Jan 2023 10:56:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 135
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 10:56:57 GMT
Last-Modified: Wed, 18 Jan 2023 10:54:42 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.155.106.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.106.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SPuq+B4sLPhhfnxjhRsjCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +L95eZpWQeTC4fy8z7sj+eHESOk=
h5.vbtdakm.top/
52.139.170.40200 OK 530 B IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561)
Hash 10c4bea2c0e5b4b0adb89816312516a9
eb3d0ec70b9f4158eb6974b66ccd7c7c253cf562
810c31b9785da23f5da294324a338554de0e058caaad3a77a1343dad98cc8fd9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:56:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-35e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Content-Encoding: gzip
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
h5.vbtdakm.top/static/index.a5c69d49.css
52.139.170.40200 OK 30 kB URL HTTP/1.1 h5.vbtdakm.top/static/index.a5c69d49.css
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash ea66e6b4a74d2568f75e841ae13ff702
ad5216555386688031c434e22968dd3d0c1519a8
65217a94ae37ca7e4549f9c9b51b051a76595cf5ed1040421e8e4158f1c2a7e2
GET /static/index.a5c69d49.css HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:56:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-16ff2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Wed, 18 Jan 2023 13:35:57 GMT
Date: Wed, 18 Jan 2023 10:56:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Wed, 18 Jan 2023 13:35:57 GMT
Date: Wed, 18 Jan 2023 10:56:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9538
Expires: Wed, 18 Jan 2023 13:35:57 GMT
Date: Wed, 18 Jan 2023 10:56:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec6c49f056e786896d54fe22c242391
cc6b64ff3f09853843b62e555456a1ad9f0909fb
42f0571efba18630c8deee17e98c6939a7050b04f613ad10515caf503e496b4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2d78c9-2134-471e-bdb1-875c1b61ff8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5663
x-amzn-requestid: 9a1c75a4-1c8d-4bd2-b6ca-7fccb8b43c12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gF5goAMFveA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-1d274e8074771db651e80979;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sAxuQECVKx0dfc2UM_E_70nKN8za1SBN4opMWr_74gT5ScurgZGVLw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:46:36 GMT
age: 47423
etag: "cc6b64ff3f09853843b62e555456a1ad9f0909fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc498ee0b-a2b9-47cf-8161-03c86caa8c9f.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc498ee0b-a2b9-47cf-8161-03c86caa8c9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 822378a3438fdf79b5ae81c485cf9a9c
7e7c3f015d1478c7dc0c108fc0bf6e74cb00d37a
345345df1e67f4700a81059901cc4050196910c9dd2f635197301c21e420eee4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc498ee0b-a2b9-47cf-8161-03c86caa8c9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5213
x-amzn-requestid: 324586fa-41fa-4995-a9d9-3bfbddea69f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LSaEdgIAMFnjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf42-51c2249d0761a5146a8d20fb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:06:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LXZFvt44IpTLZioHxzJ4q7GakB_10TdOSufsVcm0dY9LBgOoDQtmYg==
via: 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:05:17 GMT
age: 24702
etag: "7e7c3f015d1478c7dc0c108fc0bf6e74cb00d37a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 402bdd90bc2557de4f317d4d0ec892ed
b205b0bb74fabcf1612f22db53c197b63ae4ce0c
2fa402a38832c3efe15d5fee9116b36aeea5a0012ba4e8d6477b4fa9a0368598
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11028
x-amzn-requestid: 2b2b0030-a54b-42d1-a680-69e23c4320bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AteE7uIAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-5abf38ea140446ec294cdf6c;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ApT3FVNNohshR3ZepIle34K_XJYUoJz7Ucm1JYfrlVuaQgAYrl-ESA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 07:16:18 GMT
age: 13241
etag: "b205b0bb74fabcf1612f22db53c197b63ae4ce0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d134f7ac9a5ca8ab7a9461bd20706bb7
aa47af3e7517390d10e89f0f18237cfdcc63cbed
3431c8027f09bb284fe48ef8e4458fd43d8cc961250601b3028b83a7ba19f6ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6543a616-79f5-4c5d-8f34-be53cb4c622d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13111
x-amzn-requestid: 7a9bb405-c68d-496f-b608-e9d295c44c50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0MStGBBIAMFXag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4c0dd-75d87c0d763744951f13febd;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:13:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkIL919Q7OFO6bACXTrDan0f9D9rgrN0DJMQv1DYPLeWqT1CywCAEg==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:46 GMT
age: 24973
etag: "aa47af3e7517390d10e89f0f18237cfdcc63cbed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QZZaGtGl3Z-4G4DxO4R_gjfDdQVgJc30Ur9EyLAvbGFhv4LfaXziPQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:29 GMT
age: 24990
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 928e970121a035e9f8d537e4bfe6bf5c
ce4aadc6b3500508d1c4b42b76f09be4414b6eee
2da1438b17cf05aed64e565350dcc706420f2bae7e8c5e36d1b5bad38248c275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 5b743b27-b6d4-4d98-9984-3a5e17cb28e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1xH8BIAMFuZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f1-2f1031db0871abae4760d5b6;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jyWosZVSdPHomvHRyf-MuxVp0gR7sKIJ0-jmMStDeixhd8Bhoqzitg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:09 GMT
age: 46550
etag: "ce4aadc6b3500508d1c4b42b76f09be4414b6eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
h5.vbtdakm.top/static/js/index.d537da7f.js
52.139.170.40200 OK 209 kB URL HTTP/1.1 h5.vbtdakm.top/static/js/index.d537da7f.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (44426), with no line terminators
Size 209 kB (208995 bytes)
Hash afe31b85f77f5b7ceeb8c90d2ee7b192
19281361d0fc3a5ab10747694070ffcf0c596814
d246c9952cadc2c974841499a6b655b20a0f85426b3e390e9a47d17cb0bf1d02
GET /static/js/index.d537da7f.js HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:56:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-8f208"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
h5.vbtdakm.top/static/js/chunk-vendors.d391c23f.js
52.139.170.40200 OK 668 kB URL HTTP/1.1 h5.vbtdakm.top/static/js/chunk-vendors.d391c23f.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (35466)
Size 668 kB (668174 bytes)
Hash f1ebf78ef796a0f269671c73827c0c3c
b68be0eb3fe984222cf08690a84589077f72e997
d0b86482a6a93774f86ccaa6a7a5d18b023b53228446f6bc3fc3bc4bacc3c1ea
GET /static/js/chunk-vendors.d391c23f.js HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:56:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-1cfb23"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
h5.vbtdakm.top/api/common/identify
52.139.170.40200 OK 74 B URL HTTP/1.1 h5.vbtdakm.top/api/common/identify
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 6c101d791edb14de79ef836772ad8333
894c66eceba262837c3126bfd14e36cc15666cad
7e44d030231d43b7cf1d06bcac3b4fd4ba7dea307a59b54b03a5c66ea4e4a8d2
POST /api/common/identify HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 27
Origin: https://h5.vbtdakm.top
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:00 GMT
Content-Type: application/json
Content-Length: 74
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
h5.vbtdakm.top/favicon.ico
52.139.170.40404 Not Found 107 B URL HTTP/1.1 h5.vbtdakm.top/favicon.ico
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1f1ab1003fec1cbbe630f8a25a93a2bf
8cec320eff3e038626b6f5edb5be9e98d5a5bbca
085420c1207434394ec6e170849d50b661e59c6e0a977ab43f5c74a37de71fcd
GET /favicon.ico HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 18 Jan 2023 10:57:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
h5.vbtdakm.top/static/js/pages-assets-addCard-addCard~pages-assets-addWallet-addWallet~pages-assets-rechargeWallet-rechargeWa~4087a6db.4065b575.js
52.139.170.40200 OK 4.0 kB URL HTTP/1.1 h5.vbtdakm.top/static/js/pages-assets-addCard-addCard~pages-assets-addWallet-addWallet~pages-assets-rechargeWallet-rechargeWa~4087a6db.4065b575.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (12027), with no line terminators
Hash b42aac2683de24efbc8c9ef8af211a35
85e26fd27147a372c168f34f9c87c87367b590e5
cd43bb3b41271d16ce9f8f3ba699093886fef329a8ca693684062dae26379277
GET /static/js/pages-assets-addCard-addCard~pages-assets-addWallet-addWallet~pages-assets-rechargeWallet-rechargeWa~4087a6db.4065b575.js HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-32eb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
h5.vbtdakm.top/static/js/pages-assets-accounts-accounts~pages-assets-addCard-addCard~pages-assets-addWallet-addWallet~pages-a~cf2e5d41.2e3a9ed5.js
52.139.170.40200 OK 34 kB URL HTTP/1.1 h5.vbtdakm.top/static/js/pages-assets-accounts-accounts~pages-assets-addCard-addCard~pages-assets-addWallet-addWallet~pages-a~cf2e5d41.2e3a9ed5.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (58655), with no line terminators
Hash a3e26865dcdcdb9188fe8d78df7ce365
bee35d6fe53342c231ad3d50e78446cff86ebb02
890248d99a3782607140415a6b0214f99ca833eb57d3b87c18bd8722154dd7c7
GET /static/js/pages-assets-accounts-accounts~pages-assets-addCard-addCard~pages-assets-addWallet-addWallet~pages-a~cf2e5d41.2e3a9ed5.js HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-e76d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
h5.vbtdakm.top/static/js/pages-normal-login-login~pages-normal-register-register~pages-normal-resetPassword-resetPassword.721af005.js
52.139.170.40200 OK 7.5 kB URL HTTP/1.1 h5.vbtdakm.top/static/js/pages-normal-login-login~pages-normal-register-register~pages-normal-resetPassword-resetPassword.721af005.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (13902), with no line terminators
Hash 31a7b0e3578f93977302a0d02bafe932
01a5c0cfef7078519c66d083a7374e1c0b24fd88
527b1a4affbea3d6fdc9367af3e9e67a4506ebd91f37931e3d7ab24ae2bbe755
GET /static/js/pages-normal-login-login~pages-normal-register-register~pages-normal-resetPassword-resetPassword.721af005.js HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-3a3e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
h5.vbtdakm.top/static/img/icon_home_selected.png
52.139.170.40200 OK 4.3 kB URL HTTP/1.1 h5.vbtdakm.top/static/img/icon_home_selected.png
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 81 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f4358018ab70478ae05c23cefadcf75
79afe00beb08bd49e0fec22a8a9d941d371707c3
1aac5ebe3cf5bc1ab57f731c5f171fea1aaa10442c5bc2fdeead7e456131ac2a
GET /static/img/icon_home_selected.png HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: image/png
Content-Length: 4276
Connection: keep-alive
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: "627f4a02-10b4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
h5.vbtdakm.top/static/img/icon_lever_normal.png
52.139.170.40200 OK 2.9 kB URL HTTP/1.1 h5.vbtdakm.top/static/img/icon_lever_normal.png
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 81 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 7944a794f3f698b86dcabf85d561214c
fb6d489b4ace28f757fedb919cf6fbf04f2b2189
7240d4bf5644bc622b3ca0427b8ca148c4578d5f0060eb3837cf0793cda59385
GET /static/img/icon_lever_normal.png HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: image/png
Content-Length: 2912
Connection: keep-alive
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: "627f4a02-b60"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
h5.vbtdakm.top/static/img/icon_assets_normal.png
52.139.170.40200 OK 1.2 kB URL HTTP/1.1 h5.vbtdakm.top/static/img/icon_assets_normal.png
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 56 x 64, 8-bit gray+alpha, non-interlaced\012- data
Hash 900cb1343da4b860b142a39acc2bd4f9
4a26ad1e8e9d601cab1e8bc02458c64e7c613491
e95d032674244f8e1faf2b6c8b82a5e186ab076c2f2f4ca8d55c774552fbf45a
GET /static/img/icon_assets_normal.png HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: image/png
Content-Length: 1173
Connection: keep-alive
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: "627f4a02-495"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
h5.vbtdakm.top/static/img/icon_market_normal.png
52.139.170.40200 OK 5.7 kB URL HTTP/1.1 h5.vbtdakm.top/static/img/icon_market_normal.png
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 81 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 039f3f34dff4ac5795cb5ca91d350f9a
a43c859bb2649b4a7883d3931384d0f0fa690a70
ecbcb84cc9e4536be5b1186c356cfe3220f1cdad37c3259a43ef970cdd27b386
GET /static/img/icon_market_normal.png HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: image/png
Content-Length: 5713
Connection: keep-alive
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: "627f4a02-1651"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
h5.vbtdakm.top/static/img/icon_trade_normal.png
52.139.170.40200 OK 7.8 kB URL HTTP/1.1 h5.vbtdakm.top/static/img/icon_trade_normal.png
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 81 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 201865e9c27aca3bdcf85baa614afefd
1569bcb34c5ece6851a56857932ec434c274544b
34c8e03dc35e982d36a14b45562a599564838c0a54fa94d47492db5cb480b976
GET /static/img/icon_trade_normal.png HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: image/png
Content-Length: 7812
Connection: keep-alive
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: "627f4a02-1e84"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Accept-Ranges: bytes
h5.vbtdakm.top/api/common/config
52.139.170.40200 OK 709 B URL HTTP/1.1 h5.vbtdakm.top/api/common/config
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1349), with no line terminators
Hash a04d96fc30397e47868c015f653bfb43
684a8e684c626b17524c5f070f873f64a2fce70a
7cf81d9a9774f696735a56531a691e17e88ded252cf871e8138a581382aa8e32
POST /api/common/config HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, test/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Context-Type: application/x-www-form-urlencoded; charset=utf-8
Client-Version: 1.0.0
Platform: windows
Lang: en-US
Agent-Identify: a38779d6bc1beeb3b2066d28803fe654
Device-Id: ua2znfXSXpgc8LaihSb9tUEgF3810ThI
sign: e6cb994b0dce8faab4366da258d066f68b0ba6a31951d04333f1c5731a48a32a
Content-Type: application/json
Content-Length: 2
Origin: https://h5.vbtdakm.top
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
Content-Encoding: gzip
h5.vbtdakm.top/static/js/pages-normal-login-login.e6c00709.js
52.139.170.40200 OK 21 kB URL HTTP/1.1 h5.vbtdakm.top/static/js/pages-normal-login-login.e6c00709.js
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (42447), with no line terminators
Hash 6309900614b7d4ca6e7971e7e1a80880
5566dd16d8b256b7e4b8660c942dbae27f03d490
ba8e8b6cf107e0eae659f983b6f52a89663a2153b5d96458784cf1e34420a196
GET /static/js/pages-normal-login-login.e6c00709.js HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 14 May 2022 06:19:46 GMT
ETag: W/"627f4a02-abff"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: HIT
Content-Encoding: gzip
h5.vbtdakm.top/api/common/config
52.139.170.40200 OK 709 B URL HTTP/1.1 h5.vbtdakm.top/api/common/config
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1349), with no line terminators
Hash a04d96fc30397e47868c015f653bfb43
684a8e684c626b17524c5f070f873f64a2fce70a
7cf81d9a9774f696735a56531a691e17e88ded252cf871e8138a581382aa8e32
POST /api/common/config HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, test/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Context-Type: application/x-www-form-urlencoded; charset=utf-8
Client-Version: 1.0.0
Platform: windows
Lang: en-US
Agent-Identify: a38779d6bc1beeb3b2066d28803fe654
Device-Id: ua2znfXSXpgc8LaihSb9tUEgF3810ThI
sign: e6cb994b0dce8faab4366da258d066f68b0ba6a31951d04333f1c5731a48a32a
Content-Type: application/json
Content-Length: 2
Origin: https://h5.vbtdakm.top
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:02 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
Content-Encoding: gzip
h5.vbtdakm.top/api/common/config
52.139.170.40200 OK 709 B URL HTTP/1.1 h5.vbtdakm.top/api/common/config
IP 52.139.170.40:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (1349), with no line terminators
Hash a04d96fc30397e47868c015f653bfb43
684a8e684c626b17524c5f070f873f64a2fce70a
7cf81d9a9774f696735a56531a691e17e88ded252cf871e8138a581382aa8e32
POST /api/common/config HTTP/1.1
Host: h5.vbtdakm.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, test/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Context-Type: application/x-www-form-urlencoded; charset=utf-8
Client-Version: 1.0.0
Platform: windows
Lang: en-US
Agent-Identify: a38779d6bc1beeb3b2066d28803fe654
Device-Id: ua2znfXSXpgc8LaihSb9tUEgF3810ThI
sign: e6cb994b0dce8faab4366da258d066f68b0ba6a31951d04333f1c5731a48a32a
Content-Type: application/json
Content-Length: 2
Origin: https://h5.vbtdakm.top
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 10:57:02 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
Server: cdn
Strict-Transport-Security: max-age=31536000;
X-Cache-Status: MISS
Content-Encoding: gzip
dvcasha2.ocsp-certum.com/
23.36.79.17200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 3ad759086769405a42d2a0e642c4ca27
954c4f61f874a1ca15244ba76068efa00f5f52f8
b7f9d6367986d10b8ebfa47e0713fb3d4105ad518389508dfee8ba775cb60574
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=764
Date: Wed, 18 Jan 2023 10:57:02 GMT
Connection: keep-alive
X-N: S
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 43e711e80c88dc53e777a47eb1f20eb4
3ccca931c31bf9210c3b4e83bfa6fb6739eda06b
cdca7d1e1604910565bd32bacfe02f47ac13a74257fc30552947f0e6399d887d
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: ac176ac4-4e3a-4906-9302-e7456e7d24bc
Content-Length: 1701
Date: Wed, 18 Jan 2023 10:57:02 GMT
Connection: keep-alive
cdn.dcloud.net.cn/img/shadow-grey.png
118.178.181.40200 OK 136 B URL HTTP/1.1 cdn.dcloud.net.cn/img/shadow-grey.png
IP 118.178.181.40:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 1 x 6, 4-bit colormap, non-interlaced\012- data
Hash 5a962adf74d92ae702467b3f47976547
36f74049375584e3fa69b5ef87e9572336ff9e7a
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 18 Jan 2023 10:57:02 GMT
Content-Type: image/png
Content-Length: 136
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Connection: close
ETag: "5cf8b5bf-88"
Expires: Wed, 18 Jan 2023 12:57:02 GMT
Cache-Control: max-age=7200
Set-Cookie: __uni__uid=CgIBX2PH0H5qDAVu+NasAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none
Accept-Ranges: bytes
h5.dwkofe25.xyz/app-img/img/5fff2bf15967d6917180121427072.png
20.247.122.65200 OK 63 kB URL HTTP/2 h5.dwkofe25.xyz/app-img/img/5fff2bf15967d6917180121427072.png
IP 20.247.122.65:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 500 x 534, 8-bit/color RGBA, non-interlaced\012- data
Hash ed45b56bce66dc18897042cf2c321563
0f3af67316064ed5df285114135658e2b447c0e7
718863d96031bb93c35dd0a7b00b89aa54484ce9e9a4812d2c0e5a316ba9936c
GET /app-img/img/5fff2bf15967d6917180121427072.png HTTP/1.1
Host: h5.dwkofe25.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h5.vbtdakm.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.6
date: Wed, 18 Jan 2023 10:57:02 GMT
content-type: image/png
content-length: 63058
x-amz-id-2: r82tN+qqPuCrt7O9vzOdzrfwqDPnwoRpA0ovvTMEzoDV4jbjP8wBcqpIHmFoxML8Rpvz1aQ61r8=
x-amz-request-id: H1929CVCQT4K59TK
last-modified: Wed, 13 Jan 2021 17:20:50 GMT
etag: "ed45b56bce66dc18897042cf2c321563"
x-amz-version-id: 70536SrfMjhgXvfdGGI5ahJubcET8zjG
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
x-country: NO
x-cache: EXPIRED@walruzm3g00007f
accept-ranges: bytes
X-Firefox-Spdy: h2