heathervandevenonline.com/
104.21.33.82301 Moved Permanently 0 B URL HTTP/1.1 heathervandevenonline.com/
IP 104.21.33.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: heathervandevenonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 22 Oct 2022 09:08:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 10:08:45 GMT
Location: https://heathervandevenonline.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNnRcyQ6Ng%2FVGzfoCdigLneT%2BGuYiYR1B2BweA9lrLRz231jc9euxnVw2PF7DoUrmHyBMm7aILB0WGpBEYEbR7LOZ%2Bw8WUzk%2BPSVcQpj%2FXsmkzRDsmcIPmjV2zSXUcwU0lmQgLTXINUHQB2v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e11719fc3cb518-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2839
Expires: Sat, 22 Oct 2022 09:56:04 GMT
Date: Sat, 22 Oct 2022 09:08:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 08:18:05 GMT
Expires: Sat, 22 Oct 2022 09:18:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9C4Qm0mTZu1T5kG5o9K5JXfA4hTBKoURMo_1lcVQcEvFAB9ym9wJ0Q==
Age: 3040
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2758
Expires: Sat, 22 Oct 2022 09:54:43 GMT
Date: Sat, 22 Oct 2022 09:08:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SBHUzhXXQDrCd9rbY+h7dbaBHrovKz8fKNZuj4ZhnqCx32CtPdCzHlyQwOt7oIk9wftxR2r5w1E=
x-amz-request-id: YZB74M0XSEWZZ6C2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 08:37:30 GMT
age: 1876
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cdfdfb68705a7707249ee29d2c2ee19d
5e56c551e856d9f24bcce9cf28767d3f97b71c97
c0b62773a6cd215225b9e9ec2fe3a1098f3894c3912405a4a65ab856e64005ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157899
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:46 GMT
Etag: "635378e9-117"
Expires: Mon, 24 Oct 2022 05:00:25 GMT
Last-Modified: Sat, 22 Oct 2022 05:00:25 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 09:08:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 22 Oct 2022 08:43:40 GMT
Expires: Sat, 22 Oct 2022 09:01:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Eu2t2egYq8bxiS5JgwqPD7GAzg5tu13gxor2sSDKF7WC-M41VFtqUQ==
Age: 1506
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1850
Cache-Control: max-age=170929
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:46 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 08:37:35 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VH/wuAoeaa3bRsIdq6Y7gg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rpJgEwTmglt9F4zsrx10UYviagM=
heathervandevenonline.com/
172.67.160.126404 Not Found 1.5 kB URL HTTP/2 heathervandevenonline.com/
IP 172.67.160.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1509), with CRLF line terminators
Hash d25518e91b75531945b0af275626c236
fbf0d16fa0e299b87c10dc2491d598133adae066
be2443ed51a3d49bff28c8c93783868392d4debe969e1c55732fbb32c34f12b3
GET / HTTP/1.1
Host: heathervandevenonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Sat, 22 Oct 2022 09:08:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2az6F5cT0mu%2F9ha%2FdgmFrxk5Dvp06SS%2Bko3lUf1Z8x0VpCArZfRIdp7uhmmuVV19l3LKdPwXSbd9h%2Bn6GNy35Ow8jt%2F2nmuInEbdH3Mq%2BkZVJha%2FVkRET7yl3II%2FL0YT%2FFI0iUR9V3D7dKZo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75e1171bd8531c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 09:08:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 09:08:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 09:08:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 09:08:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2970
Expires: Sat, 22 Oct 2022 09:58:18 GMT
Date: Sat, 22 Oct 2022 09:08:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab87aab0-810c-4802-b916-33df64c58282.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab87aab0-810c-4802-b916-33df64c58282.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a978fd293cc29ff1d630769f0a67767c
ab6e54e09c9d4413f67a4fd6ab92a66752ce460b
db97e0cb71710517f4b45d847da7657105a3b96f0a718bad5dec4c638bca2723
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab87aab0-810c-4802-b916-33df64c58282.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5420
x-amzn-requestid: 8a891168-aafa-42ff-a565-9b94bb49b16c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-m4GAOIAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353115f-17f47980582256e6080184de;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QB8hjxot2IEDAfDhMSEpT9T_GyA3_teTwFFXfPP5y_hK0KMQNLBZ8A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:15:51 GMT
age: 39177
etag: "ab6e54e09c9d4413f67a4fd6ab92a66752ce460b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf03028b-ea27-4e03-96d1-1345edf9b1fa.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf03028b-ea27-4e03-96d1-1345edf9b1fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3ce2aa0bfcd181c02a91d31eeaf1ba2
823c1926ab3607d8545f366d7615656ba380a086
aadd1973d55fd990c3ff2a1b666b63a9d235fbf3bdaffdf98d824093c04a7e56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf03028b-ea27-4e03-96d1-1345edf9b1fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5261
x-amzn-requestid: 31eab25b-d360-4732-b652-07ef45f3a75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okH40IAMFuig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-299e2d3e157c1f0a7ba89f0e;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: G6LpQY-pDghuTYCDyn4P4Qt5wvTzwQb-LU7WSodtJq6vva4DN7Qfdg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:49 GMT
age: 39419
etag: "823c1926ab3607d8545f366d7615656ba380a086"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vP9aRT8xL5F2kf36A-lMaIQ9FSAEUGo8jmx9y63iIBDdyWYujkXXPw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 39771
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mq7h4TJkHKd-I9c01ao1yJ3izpJLRiMG_Sk3_e2pQDGCyunY2RlI3Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 39976
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b6e3c22-497d-4a5d-a4d2-950672e6bcfa.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b6e3c22-497d-4a5d-a4d2-950672e6bcfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e409a641b2f5ea9893877975d7072f
ead119bf29d07f5957fd5150efb629586e884512
d9bbf8ae5b903ee7fa198fd22eb9da13115cfe6f5cbbba40b25e95e0897421e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b6e3c22-497d-4a5d-a4d2-950672e6bcfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15933
x-amzn-requestid: 46fb5d34-260a-4610-a104-54984fc436c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MbHWxoAMFzsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b5-643ab634594357c776bc939a;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 03HHUaxeqZ3Rx3NLsdlrZYNlmsCFyiv2-si9E6JuaCPo6iX5Gki43w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 39771
etag: "ead119bf29d07f5957fd5150efb629586e884512"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cdaacab30d73a7d05180cc16f4a96a3f
6cc0e39e0decbc20c765f171f63affd85fc9e6da
f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 39426
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 2e5f1901b3d3128621baf05b4e83adbf
a539bea6a3bc531c38234607869a3b372cc6eac2
b1d54fa68e739384177ba4c5a57e1c8cb24bb110f5ce8d67ca8fcd01970b73b2
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 09:08:49 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 06:53:15 GMT
Expires: Fri, 28 Oct 2022 06:53:14 GMT
Etag: "a539bea6a3bc531c38234607869a3b372cc6eac2"
Cache-Control: max-age=509664,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e11732ff68b51b-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1af02535b7e5b1a301342dde85cdafc0
d30a6036185aa68dadebe45b0c5cb0c0e9affa3b
a22b383c7392f065181e7e814c281edbf276607af58c1b0dc9a18925b464c3d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 09:08:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 02:15:27 GMT
Expires: Thu, 27 Oct 2022 02:15:26 GMT
Etag: "d30a6036185aa68dadebe45b0c5cb0c0e9affa3b"
Cache-Control: max-age=406595,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e11737ebe7b4f1-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 05:42:51 GMT
expires: Fri, 20 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 185159
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 18:57:58 GMT
expires: Tue, 17 Oct 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 396652
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
216.58.207.195200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 14040, version 1.0\012- data
Hash eadd44d829d43ddf48870c2073f1a7ca
fc04b04f37e0988001c81be96bca33c4d866450f
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 00:03:21 GMT
expires: Wed, 18 Oct 2023 00:03:21 GMT
cache-control: public, max-age=31536000
age: 378329
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
w.ladicdn.com/s450x350/61416d65d1330500bc1e1272/ios_tai-app-20220525070238.png
89.187.169.47200 OK 694 B URL HTTP/2 w.ladicdn.com/s450x350/61416d65d1330500bc1e1272/ios_tai-app-20220525070238.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 93 x 25, 8-bit colormap, non-interlaced\012- data
Hash 6c4d93747920110fb1e88bf953fd56f5
738f85a88a172ed6cd3adfc648e0cbfcdc7afc88
d07134fe4e4d46225e199b0b84feb6c08986dededf2b2d0d865bdefbcef99479
GET /s450x350/61416d65d1330500bc1e1272/ios_tai-app-20220525070238.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 694
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628dd734-2b6"
last-modified: Wed, 25 May 2022 07:13:56 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: d1ef872a7240aec0f3d7c1935d82fc83
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s750x400/61416d65d1330500bc1e1272/nut_vui-cuoc-to-20220525012005.png
89.187.169.47200 OK 5.7 kB URL HTTP/2 w.ladicdn.com/s750x400/61416d65d1330500bc1e1272/nut_vui-cuoc-to-20220525012005.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 355 x 71, 8-bit colormap, non-interlaced\012- data
Hash 3e1238d0294a049de1bdfd27e8e28b0b
2db3ad62411833a174962d3d3981fed18f1459a8
6849f341e8f3fc93ff82dee9099c7f73facb317120dbdc3c9d1e206ea3c72e9d
GET /s750x400/61416d65d1330500bc1e1272/nut_vui-cuoc-to-20220525012005.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 5728
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628d84e1-1660"
last-modified: Wed, 25 May 2022 01:22:41 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 8e003de946db2cd9e25acde40a8c7e97
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_adroind_nhacaisodo_net-20220526052018.png
89.187.169.47200 OK 8.7 kB URL HTTP/2 w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_adroind_nhacaisodo_net-20220526052018.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 180 x 179, 8-bit colormap, non-interlaced\012- data
Hash 162f2251eebcbdb877db7fc4ad752a6b
26290d778dded23b5665412adfe20cad1249d2c7
618b9191b587042d5bf8f8fa7ca1fdce298946ffa0cd8099ec5c74f4a9540adc
GET /s500x500/61416d65d1330500bc1e1272/qr_adroind_nhacaisodo_net-20220526052018.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 8692
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1001-21f4"
last-modified: Thu, 26 May 2022 05:28:33 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: bb61428df2dd0572dc83500b9b42f0a2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s500x350/61416d65d1330500bc1e1272/android_tai-app-20220525070229.png
89.187.169.47200 OK 840 B URL HTTP/2 w.ladicdn.com/s500x350/61416d65d1330500bc1e1272/android_tai-app-20220525070229.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 129 x 25, 8-bit colormap, non-interlaced\012- data
Hash b3311c6d86c02499a7e0c2e9569cfd33
65b03464a7b0157e23b6d34d0444e3007e50dabd
8906e1658e5b842f8648363325b8e6e6752ddb8a0009e9c534e504eae0f60d9d
GET /s500x350/61416d65d1330500bc1e1272/android_tai-app-20220525070229.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 840
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628dd736-348"
last-modified: Wed, 25 May 2022 07:13:58 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 10:42:03
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 187c392e93ffb7f60258c1dc4edeadf6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/61416d65d1330500bc1e1272/header_bar_dang-ky-20220525031433.png
89.187.169.47200 OK 5.8 kB URL HTTP/2 w.ladicdn.com/61416d65d1330500bc1e1272/header_bar_dang-ky-20220525031433.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Hash c3130ec32adc60f7bcb5f8f02158b625
f7180a087996db9ea96ec45d29c089c637d43a39
4f51cd308b5798c5d3ff7fb06d8f4f8fdb5ff145337922cfc3dbb9f26c598e72
GET /61416d65d1330500bc1e1272/header_bar_dang-ky-20220525031433.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 5783
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628db204-1697"
last-modified: Wed, 25 May 2022 04:35:16 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/06/2022 00:42:38
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 36277dd0e95e6a5cf7aec96e5843a718
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s800x400/61416d65d1330500bc1e1272/buttons3-20220525031506.png
89.187.169.47200 OK 6.6 kB URL HTTP/2 w.ladicdn.com/s800x400/61416d65d1330500bc1e1272/buttons3-20220525031506.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 466 x 83, 8-bit colormap, non-interlaced\012- data
Hash e47bfb72e7c00792d9de5afd6b033b31
0f5a855ec2816b4d84549a4c9e0812df5c88fd4d
974e2114267b4936e03a8a9aaecbc26e1a336d44c42f1eaa0bc61ab2da78897e
GET /s800x400/61416d65d1330500bc1e1272/buttons3-20220525031506.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 6551
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628debb4-1997"
last-modified: Wed, 25 May 2022 08:41:24 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 47655cec46632732c147388298f81a22
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/fb-20220526032409.png
89.187.169.47200 OK 3.1 kB URL HTTP/2 w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/fb-20220526032409.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Hash 4ceeafb6b78dca1b9ed4778b8711cb00
ff2bed742920a3b87dc1e0ec9eb350117f7ca349
69a76819308e905e16804ac84f44f2291184426a745328af2a67329522c8e406
GET /s400x400/61416d65d1330500bc1e1272/fb-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 3114
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ef4f5-c2a"
last-modified: Thu, 26 May 2022 03:33:09 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 156fc027383c526a243aea66212ae8c6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/zl-20220526032409.png
89.187.169.47200 OK 3.9 kB URL HTTP/2 w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/zl-20220526032409.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Hash 64c0cf683634a67cb36865c841c5b397
e81e874529db1e057888b7cb4bc3bc95fa2e42c7
4906b47508abe50380ba842c6fc06cc9ac1f3931f0e3623688121847e361b97c
GET /s400x400/61416d65d1330500bc1e1272/zl-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 3886
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1642-f2e"
last-modified: Thu, 26 May 2022 05:55:14 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 10:42:04
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 660129bc24669f91d65e573eb750ae93
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/61416d65d1330500bc1e1272/button_km-20220526124706.gif
89.187.169.47200 OK 9.2 kB URL HTTP/2 w.ladicdn.com/61416d65d1330500bc1e1272/button_km-20220526124706.gif
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 219 x 80\012- data
Hash 62ba21a813da9b8dd1f4ddc57c61e419
1d9912ddf99b105b860190e8dee972f8d7abd458
823e7d68d1f8be8a2b5b6e7fecd1bfaad900c635942f5015299ed34b14979761
GET /61416d65d1330500bc1e1272/button_km-20220526124706.gif HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/gif
content-length: 9160
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f76d0-23c8"
last-modified: Thu, 26 May 2022 12:47:12 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 092a97929899a27aa8747ecd8ecb1857
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/web-20220526032409.png
89.187.169.47200 OK 3.3 kB URL HTTP/2 w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/web-20220526032409.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Hash 1fc8bc4f609b8531706b996043968d91
12c848d78a2caf3d0ca2fffb32605bcb40ff1ed0
0a22796c499879543057d06cc5435040f5f5d1771f91a863156d6e20c2115cd7
GET /s400x400/61416d65d1330500bc1e1272/web-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 3285
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1644-cd5"
last-modified: Thu, 26 May 2022 05:55:16 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 8500d1bfb2e644589b4db4d3e7d4f59d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ytb-20220526032409.png
89.187.169.47200 OK 3.7 kB URL HTTP/2 w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ytb-20220526032409.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Hash bb60e6f09dae29a47a35011a9c1f4731
cd297a5eabeda099dc2a9f8f73fe0191ab6819ff
733ffc68c2639674c5af10ee19b9db4e7c7c05417151483a4bbd9cc09b969ea7
GET /s400x400/61416d65d1330500bc1e1272/ytb-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 3729
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ef934-e91"
last-modified: Thu, 26 May 2022 03:51:16 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:38
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 6624ec7d65c35c35f044659365c4db89
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_trang-chu-20220524134034.png
89.187.169.47200 OK 5.2 kB URL HTTP/2 w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_trang-chu-20220524134034.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Hash ba648feb5171f1c327cd1717da2beaaa
d10f46fda68968a36375d4b68852ca92f7014e9f
68911e0f0677178e20d0a3c8e0637bd1643e31e4857a9493ad9c3d9c912a45b1
GET /s450x400/61416d65d1330500bc1e1272/header_bar_trang-chu-20220524134034.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 5246
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0e0-147e"
last-modified: Tue, 24 May 2022 13:42:56 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 61ed2e60a04f69ce41356270eb075cd6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/tl-20220526032409.png
89.187.169.47200 OK 3.8 kB URL HTTP/2 w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/tl-20220526032409.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Hash 451920cc12b2c366df1e1b7e55ec1d39
a38089ad57231f106ffbeb8bd155c6b59f47a6fe
a952ba87255df9b6178008f62d3b96bebe350eaeaf2faf8daf298ffa99d72e94
GET /s400x400/61416d65d1330500bc1e1272/tl-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 3762
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ef4f5-eb2"
last-modified: Thu, 26 May 2022 03:33:09 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:38
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 6efbac8c19da05a389aa7a0cf10ba644
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_ios_nhacaisodo_net-20220526052024.png
89.187.169.47200 OK 8.6 kB URL HTTP/2 w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_ios_nhacaisodo_net-20220526052024.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 180 x 179, 8-bit colormap, non-interlaced\012- data
Hash 3307ad82e7211d0da7b15385afb8daa4
438969ca7b72b0762df3937a84604bef76ffb563
3eb1cfcb5740da1455d4c1102bd9c599fbcf846f8e6fca4132c6c8e54b57a9d0
GET /s500x500/61416d65d1330500bc1e1272/qr_ios_nhacaisodo_net-20220526052024.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 8555
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1001-216b"
last-modified: Thu, 26 May 2022 05:28:33 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 17:00:45
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 52d050ec2de7f4127744f3b500824b52
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_cskh-24-7-20220524133839.png
89.187.169.47200 OK 5.2 kB URL HTTP/2 w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_cskh-24-7-20220524133839.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Hash 3a0d63a04c394cca05f996c2ec2e1c8f
7d5f74c8171e760aa16fc96158b0d161dc47b54d
06e45b7aa155cd222970b7de458a0a74c88f1fea068ae02c88adea23dfca897b
GET /s450x400/61416d65d1330500bc1e1272/header_bar_cskh-24-7-20220524133839.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 5163
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0db-142b"
last-modified: Tue, 24 May 2022 13:42:51 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 70096de7df8a8989f5c63a3b7d29ba92
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-nhap-20220524133952.png
89.187.169.47200 OK 5.3 kB URL HTTP/2 w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-nhap-20220524133952.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Hash 99b2f08de0d2872150139e5ab8df3f89
8333d52f28f8d198fa85c369ecc3faa7eb64efa7
859fa5fe3c02407733868fa37936580db9d156a7eac86c5d2ba930c36aae602a
GET /s450x400/61416d65d1330500bc1e1272/header_bar_dang-nhap-20220524133952.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 5322
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0dc-14ca"
last-modified: Tue, 24 May 2022 13:42:52 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 982898c0d1620d1e212f60033f99af7a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-ky-20220524133942.png
89.187.169.47200 OK 5.2 kB URL HTTP/2 w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-ky-20220524133942.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Hash d706e902c0353d33b8ac9c2c1fe5bac1
48d53f3ae42af7d0429bfc401266e3140ff73b9d
ea6909da24f92478e26a73b856894f7fd30131644444927dcb838674f22c6582
GET /s450x400/61416d65d1330500bc1e1272/header_bar_dang-ky-20220524133942.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 5163
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0de-142b"
last-modified: Tue, 24 May 2022 13:42:54 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:54
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 800d95be03246c46b63fbc1c54f0011b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 92823dd777d3e3bdd52433f82242250a
39ce2eabe94636590213cbe695c53d17f080a561
2c477d186268cd6d02621b8d89447f0780056765d21099991a42fe639df5c076
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 09:08:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 22:04:34 GMT
Expires: Fri, 28 Oct 2022 22:04:33 GMT
Etag: "39ce2eabe94636590213cbe695c53d17f080a561"
Cache-Control: max-age=564341,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e1173baf89b4f1-OSL
w.ladicdn.com/s950x600/61416d65d1330500bc1e1272/khung-20220524133815.png
89.187.169.47200 OK 27 kB URL HTTP/2 w.ladicdn.com/s950x600/61416d65d1330500bc1e1272/khung-20220524133815.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 600 x 260, 8-bit colormap, non-interlaced\012- data
Hash 32097a3bdb2013f9e28c059f67df99fd
138c3da440eb49aae5f9381defadbe14e77efedb
68856b1c06dd9cbb247f178445bb52158389c00b123f91182fab5c7695cd5eec
GET /s950x600/61416d65d1330500bc1e1272/khung-20220524133815.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 27016
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce5a8-6988"
last-modified: Tue, 24 May 2022 14:03:20 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/25/2022 05:50:40
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 048b7e1b922df19afcc03d4655f24615
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s2750x450/61416d65d1330500bc1e1272/i-footer-bg_02-20220522085752.png
89.187.169.47200 OK 46 kB URL HTTP/2 w.ladicdn.com/s2750x450/61416d65d1330500bc1e1272/i-footer-bg_02-20220522085752.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 1920 x 81, 8-bit colormap, non-interlaced\012- data
Hash 81c876d021e2ba5f38cdb690f240a38b
8f9b4d5fd377c7cd9eaeda081a15b6ad5ae814d3
a859c251119118312475dbea57b2db38e34126aee276af520dadd97b638726cc
GET /s2750x450/61416d65d1330500bc1e1272/i-footer-bg_02-20220522085752.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 46470
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628a0122-b586"
last-modified: Sun, 22 May 2022 09:23:46 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:54
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: f1da43f10f8a5c82e2eba4320f6f68e0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s2350x450/61416d65d1330500bc1e1272/i-topbg2_01-20220522085752.png
89.187.169.47200 OK 43 kB URL HTTP/2 w.ladicdn.com/s2350x450/61416d65d1330500bc1e1272/i-topbg2_01-20220522085752.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 1920 x 124, 8-bit colormap, non-interlaced\012- data
Hash 98dffa49fda78e28eae09e1c34350bda
63c8e712cfbe27eec16645cc21fd14d142217fcc
7665dde099f89d4b2dd919576c66280c912f71297fbf37b8719b86c6b84f1776
GET /s2350x450/61416d65d1330500bc1e1272/i-topbg2_01-20220522085752.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 42606
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628a0124-a66e"
last-modified: Sun, 22 May 2022 09:23:48 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:37
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 1607fd9b040e08b1986dad54aa8a4dcf
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s600x400/61416d65d1330500bc1e1272/chu-20211203021229.png
89.187.169.47200 OK 51 kB URL HTTP/2 w.ladicdn.com/s600x400/61416d65d1330500bc1e1272/chu-20211203021229.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 497 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash fabf0514b44c2005395ecad87f203ef8
6bd9b60410f8e35e12d5f14154f29766f5587580
83af20694b0ba3483e18372bdc3e3975634a0646a2a4ef68b87ab0d46579ffeb
GET /s600x400/61416d65d1330500bc1e1272/chu-20211203021229.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 50624
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "6291ade8-c5c0"
last-modified: Sat, 28 May 2022 05:06:48 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 1c5963043a5c6c6070e601b00a9a4602
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s1050x550/61416d65d1330500bc1e1272/text_woldcup-4-20220525013140.png
89.187.169.47200 OK 66 kB URL HTTP/2 w.ladicdn.com/s1050x550/61416d65d1330500bc1e1272/text_woldcup-4-20220525013140.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 800 x 280, 8-bit colormap, non-interlaced\012- data
Hash 39127040c901d0d05c45ccfc328b6d80
72e8e3148f902e62375ae2c133cc5258571f8d6c
40a498a3f614789c0107010a582aa94069e9f6bd489929626f6a6ee6521259af
GET /s1050x550/61416d65d1330500bc1e1272/text_woldcup-4-20220525013140.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 66023
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628d8761-101e7"
last-modified: Wed, 25 May 2022 01:33:21 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 10:42:03
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: bd6270802e81a40c6b525345e5e68129
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s550x450/61416d65d1330500bc1e1272/light-20220525074907.png
89.187.169.47200 OK 94 kB URL HTTP/2 w.ladicdn.com/s550x450/61416d65d1330500bc1e1272/light-20220525074907.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 800 x 450, 8-bit/color RGBA, non-interlaced\012- data
Hash ea02e011b6b041b6d71e07c022a29d1f
0d2871dc17ec73723ed4721b0136865700725cbf
c48a534e1ea06d9ed1ec3219a16a30acfaf8d057215d80505ac0869a62ac9895
GET /s550x450/61416d65d1330500bc1e1272/light-20220525074907.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 93656
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628de16f-16dd8"
last-modified: Wed, 25 May 2022 07:57:35 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 10:42:03
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 6636632ec508d85e52c47f1c3bd6576a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s900x800/61416d65d1330500bc1e1272/b73517df090300fd-20220517100602.png
89.187.169.47200 OK 125 kB URL HTTP/2 w.ladicdn.com/s900x800/61416d65d1330500bc1e1272/b73517df090300fd-20220517100602.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image\012- data
Size 125 kB (125074 bytes)
Hash eaba5570e4a4ce51e7bacdbb845c8c5b
8d5e2dc7d33e7a74b2b9f14b9b43f233336807f6
e694792d1717d096965b11f75a548787c263dfdd1b90825b1019dd5317017ed5
GET /s900x800/61416d65d1330500bc1e1272/b73517df090300fd-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 125074
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628376c8-1e892"
last-modified: Tue, 17 May 2022 10:19:52 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 88d3ed915713384b305237ff3965506c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/f4cd4605646e8f45-20220517100602.png
89.187.169.47200 OK 170 kB URL HTTP/2 w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/f4cd4605646e8f45-20220517100602.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image\012- data
Size 170 kB (170074 bytes)
Hash 9e8377942515de197f6aff88df17e19c
15d00c5abd294ccca365e03487903d90fa7aceaf
a7619024b92a853d0eebc9e6e03ccfca47b966ed223cf5f21ae67e3b509df433
GET /s950x800/61416d65d1330500bc1e1272/f4cd4605646e8f45-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 170074
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628b4e7b-2985a"
last-modified: Mon, 23 May 2022 09:06:03 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:37
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: e483a0af9175b9105d72e35eb3d2cd4b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s900x750/61416d65d1330500bc1e1272/7812f3937d38b1e1-20220517100602.png
89.187.169.47200 OK 256 kB URL HTTP/2 w.ladicdn.com/s900x750/61416d65d1330500bc1e1272/7812f3937d38b1e1-20220517100602.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image\012- data
Size 256 kB (256498 bytes)
Hash 9170d1c2555543cb6f0f24d622259751
15caf7ac3ad35692bf443c46465a583dbab884d4
5574e15c03a9bbbb668fe241e39b2a0b01cc621320dc35ebee10efbd541bdb0b
GET /s900x750/61416d65d1330500bc1e1272/7812f3937d38b1e1-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 256498
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628376c9-3e9f2"
last-modified: Tue, 17 May 2022 10:19:53 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:38
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 8e04141546ff2f3eaf88a8a6b297a0ee
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/b9ffec264b939c9a-20220517100602.png
89.187.169.47200 OK 364 kB URL HTTP/2 w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/b9ffec264b939c9a-20220517100602.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image\012- data
Size 364 kB (364370 bytes)
Hash 97e4ad5679abff8f348ac5c9aef34737
a61c883a0d7520da6dc79dcfb5db5b522dde65f1
9753222c471fac0be13d48b7d33d1c898c398ce781f13571ea4340dee857b70b
GET /s950x800/61416d65d1330500bc1e1272/b9ffec264b939c9a-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 364370
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628b4e7c-58f52"
last-modified: Mon, 23 May 2022 09:06:04 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:54
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 1698f20bcaa20209ddaa9522b8c0dda4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s1150x400/61416d65d1330500bc1e1272/footer-20220816033838.png
89.187.169.47200 OK 445 kB URL HTTP/2 w.ladicdn.com/s1150x400/61416d65d1330500bc1e1272/footer-20220816033838.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
Size 445 kB (444888 bytes)
Hash 10c2920cd998b72f960b3afb9b10d970
5bd6ea11de900b8df8b5886647afc7c977afcbd7
6367a631d5fe2c3265e015e0294175065db39c21844abe38285c0504727c67a0
GET /s1150x400/61416d65d1330500bc1e1272/footer-20220816033838.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 443643
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "62fb1801-6c4fb"
last-modified: Tue, 16 Aug 2022 04:07:29 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2022 23:37:58
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 9e6edd3e3d56777a298391c52c9e8b8f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s2350x1250/61416d65d1330500bc1e1272/body-bg3-20220522085751.png
89.187.169.47200 OK 1.5 MB URL HTTP/2 w.ladicdn.com/s2350x1250/61416d65d1330500bc1e1272/body-bg3-20220522085751.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size 1.5 MB (1519346 bytes)
Hash f560c1c77e36101bf72efbf7950c336a
61b1bf00c85146cd00b1a784fbd3b58bd1112922
67b9ed602d43d7918ecf9ffd90a3af331108579a75a216a38882c9e242e52161
GET /s2350x1250/61416d65d1330500bc1e1272/body-bg3-20220522085751.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 1519346
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628c51fe-172ef2"
last-modified: Tue, 24 May 2022 03:33:18 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 9f3265d49fc89853ca7eadffe98274f1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/s950x950/61416d65d1330500bc1e1272/i-right-pic-20220522085931.png
89.187.169.47200 OK 947 kB URL HTTP/2 w.ladicdn.com/s950x950/61416d65d1330500bc1e1272/i-right-pic-20220522085931.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 947 kB (946558 bytes)
Hash 4ed2855a8c9a8404e58d034f2384d87f
8a42a93792d23d38a31264eeb62775cf69153e80
6af600b6b456ff5afe7181c08a4e5d46a58fc92ec23aae63f6bb69e44c8290e3
GET /s950x950/61416d65d1330500bc1e1272/i-right-pic-20220522085931.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: image/png
content-length: 946558
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628a0124-e717e"
last-modified: Sun, 22 May 2022 09:23:48 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 21e5a965145cd413e8e9b40ed2d2e7ef
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.taixiu.cc/
18.138.206.213200 OK 56 kB IP 18.138.206.213:0
Hash 27949528ad6add1699fee296d7071cea
25de13a836c5ae26f352bfdf412f577b8aae7cde
930aef49fe79eefbdcbc8fcb1014d79a2e6fbb12968140e960af2f9b4b3f38cc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.taixiu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heathervandevenonline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie: LADI_DNS_CHECK="2022-10-22 09:08:50.199662654 +0000 UTC m=+1049297.061072619"; Expires=Tue, 19 Oct 2032 09:08:50 GMT
LADI_CLIENT_ID=d853ad38-dbc5-44dd-5de5-c71a8892c6cc; Expires=Tue, 19 Oct 2032 09:08:50 GMT
LADI_PAGE_VIEW=0; Expires=Tue, 19 Oct 2032 09:08:50 GMT
LADI_FORM_SUBMIT=0; Expires=Tue, 19 Oct 2032 09:08:50 GMT
LADI_PAGE_VIEW=1; Expires=Tue, 19 Oct 2032 09:08:50 GMT
LADI_CAMP_ID=; Max-Age=0
LADI_CAMP_NAME=; Max-Age=0
LADI_CAMP_TYPE=; Max-Age=0
LADI_CAMP_ORIGIN_URL=; Max-Age=0
LADI_CAMP_TARGET_URL=; Max-Age=0
LADI_CAMP_PAGE_VIEW=; Max-Age=0
LADI_CAMP_FORM_SUBMIT=; Max-Age=0
LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0
LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0
LADI_CAMP_CONFIG=; Max-Age=0
LADI_CAMP_END_DATE=; Max-Age=0
LADI_FUNNEL_NEXT_URL=; Max-Age=0
LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode: 200
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash dea2e58c89af3fcedd06baa24bb4ded7
d2c0eb784320882edae107983625a11789b678e0
84d91625218b56ab3aa21f79c62d1ddf9d4912a70ab013bf9afc5600f61284d0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153753
Date: Sat, 22 Oct 2022 09:08:52 GMT
Etag: "63535cf3-1d7"
Expires: Mon, 24 Oct 2022 03:51:25 GMT
Last-Modified: Sat, 22 Oct 2022 03:01:07 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3MT9cFxp_MjmaRoV4VIUbJFbMCVYGoMJw2c-iMtcWGIgIopTqr-3UQ==
Age: 3018
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash dea2e58c89af3fcedd06baa24bb4ded7
d2c0eb784320882edae107983625a11789b678e0
84d91625218b56ab3aa21f79c62d1ddf9d4912a70ab013bf9afc5600f61284d0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150735
Date: Sat, 22 Oct 2022 09:08:52 GMT
Etag: "63535cf3-1d7"
Expires: Mon, 24 Oct 2022 03:01:07 GMT
Last-Modified: Sat, 22 Oct 2022 03:01:07 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vhvgIGSXSy0xvWf-1uCS6vfQF0txpIBGQbqH5tnrHs8nRDeQPvAxmg==
core.vchat.vn/assets/css/main.css?version=251290
42.112.21.2200 OK 25 kB URL HTTP/2 core.vchat.vn/assets/css/main.css?version=251290
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type ASCII text, with very long lines (379)
Hash b4d8dbe6f755405ca8c47f7f216c5bac
49d3e4416fe682387ff3e49c693e11bfbc09ab8e
1214b6a3714ff13a3c41c55761b81442cd57ec4413efbb985e0ad8887e01785b
GET /assets/css/main.css?version=251290 HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: text/css
content-length: 24949
last-modified: Wed, 07 Sep 2022 03:38:18 GMT
etag: "6318122a-6175"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/assets/flaticon/font/flaticon.css
42.112.21.2200 OK 5.1 kB URL HTTP/2 core.vchat.vn/assets/flaticon/font/flaticon.css
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
Hash 5955a3bffc5866b18f99919f7708675a
ce44d60cb5bb786bf8bf63c7db2f73ce0deff860
4fe59e2ffb8d6349c7583d16eb1f52b5ae36279e1d8edb75d1f607bb33930f74
GET /assets/flaticon/font/flaticon.css HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: text/css
content-length: 5094
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-13e6"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/assets/js/jquery.js
42.112.21.2200 OK 93 kB URL HTTP/2 core.vchat.vn/assets/js/jquery.js
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type Unicode text, UTF-8 text, with very long lines (65481)
Hash 1d14cd3798bc4d6aaf65dd625870723f
0809f9f5caa2642b9dea8bf59133180bfd7c1d6f
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83
GET /assets/js/jquery.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: application/javascript
content-length: 93434
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-16cfa"
accept-ranges: bytes
X-Firefox-Spdy: h2
a.ladipage.com/event
54.151.182.138200 OK 492 B IP 54.151.182.138:0
Hash 7163cd57fdc1c187c5b021d9f1be1c3a
8c30ed4fe2ca4440e93b31596bacea067018c709
713d556e4933ee4e9613a151503e533a4cd7af5cedaa89d2722467bbfd590275
OPTIONS /event HTTP/1.1
Host: a.ladipage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Referer: https://www.taixiu.cc/
Origin: https://www.taixiu.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-167885744-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-167885744-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash bc0b1dd361f07a4e8ec49de3ef4d12e6
dae6074a39a3fc9471a9ad735c61245d3509be53
4493f1bc4cf728408ce6a65c823b2a9efb81e7d2376d46169eee61bc23e52ec2
GET /gtag/js?id=UA-167885744-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 22 Oct 2022 09:08:52 GMT
expires: Sat, 22 Oct 2022 09:08:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43588
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 640884276169218e32c4097311f01d98
7e684d53c31bdd6f864f6297945f47801e3f0a77
c7fd4e67965407160cdedf7557e10dba95a34b35f81b0c15e9dad27ce6d56527
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139919
Date: Sat, 22 Oct 2022 09:08:52 GMT
Etag: "635332b3-1d7"
Expires: Mon, 24 Oct 2022 00:00:51 GMT
Last-Modified: Sat, 22 Oct 2022 00:00:51 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GX_RM_V1S-G3TADY_mIp_gmTM5UozKN3LsX-5Gs0ScLRAXkCXRCrTQ==
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 09:08:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
core.vchat.vn/assets/js/axios.min.js
42.112.21.2200 OK 14 kB URL HTTP/2 core.vchat.vn/assets/js/axios.min.js
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type ASCII text, with very long lines (14099)
Hash 38d761de833dac4e6e929951cc8f1f1c
b6f4033fb28206ea9018e22ab7c77038e7764478
7d950014f08aab41621a1cbcbeb06a9cde95c8bb4c70019e63f79c0193abad50
GET /assets/js/axios.min.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: application/javascript
content-length: 14189
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-376d"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/assets/js/main.js?version=251290
42.112.21.2200 OK 37 kB URL HTTP/2 core.vchat.vn/assets/js/main.js?version=251290
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
Hash cef4af4eec2f8f989e0b6d4b2f7d896b
4aef708a98ef47aa75efd8a47821d9f6e7a1232d
4a025eb47909fa4b0b0f1a9ae3944f83014203bc6a0be5befb8a1091a9f49bd3
GET /assets/js/main.js?version=251290 HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: application/javascript
content-length: 37255
last-modified: Wed, 05 Oct 2022 03:10:29 GMT
etag: "633cf5a5-9187"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/assets/image/typing_1.gif
42.112.21.2200 OK 2.3 kB URL HTTP/2 core.vchat.vn/assets/image/typing_1.gif
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type GIF image data, version 89a, 48 x 44\012- data
Hash b6d97a9c479650b33d7016b53a11131b
cc99f6bd91ee88a5ca33e6745deb184cda5580f9
88abc22f59285ea365132ce0cd4e92c50b8cf6b2833de806bc4b5f4f32c2e3e2
GET /assets/image/typing_1.gif HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: image/gif
content-length: 2272
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-8e0"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/assets/image/typing.gif
42.112.21.2200 OK 40 kB URL HTTP/2 core.vchat.vn/assets/image/typing.gif
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type GIF image data, version 89a, 47 x 22\012- data
Hash afd569048af918c2eda6fc054df82c1e
b31953a3155ab5e3bbf7188d61fe4d57fc31fe85
7c68d052273f0b30a08b3316d64698810b594a7765de0b190078f55a0950c509
GET /assets/image/typing.gif HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: image/gif
content-length: 40271
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-9d4f"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/assets/image/loading.gif
42.112.21.2200 OK 4.8 kB URL HTTP/2 core.vchat.vn/assets/image/loading.gif
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type GIF image data, version 89a, 28 x 28\012- data
Hash 71f0518dad0c74927f3bf3d4a5fb6fb2
dfb7339dcfea2f4d8963066a6773b92501a7c1ba
a07d1cebd390b2820257e108c20a012950126fbe4178a3a10efe3a1b217044ce
GET /assets/image/loading.gif HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: image/gif
content-length: 4782
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-12ae"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/assets/js/vue.2.3.js
42.112.21.2200 OK 255 kB URL HTTP/2 core.vchat.vn/assets/js/vue.2.3.js
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
Size 255 kB (254793 bytes)
Hash f3304bbb2d5973eed6b0422a293c58b6
016775168e6a48b61a1009fb9bbf067b9add3dd4
b1ac0fd6c2e471a038610250580b636a16a6806e9bac699a209591858c037e7a
GET /assets/js/vue.2.3.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: application/javascript
content-length: 254793
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-3e349"
accept-ranges: bytes
X-Firefox-Spdy: h2
core.vchat.vn/code/socket.io.2.3.0.js
42.112.21.2200 OK 69 kB URL HTTP/2 core.vchat.vn/code/socket.io.2.3.0.js
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type ASCII text, with very long lines (32094)
Hash 9d982cf80aa2a6e09d791809e48cd82f
ed5bdb9f91879730e833f6b95f1960afd5a72c37
cc9c49fda0fdb365078fd84798f91fa86a3a93e942137c5f85b058e1f697e102
GET /code/socket.io.2.3.0.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: application/javascript
content-length: 68692
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-10c54"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.ladipage.net/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
54.254.12.79301 Moved Permanently 134 B URL HTTP/2 static.ladipage.net/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
IP 54.254.12.79:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /61416d65d1330500bc1e1272/favicon-1-20220525080014.ico HTTP/1.1
Host: static.ladipage.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sat, 22 Oct 2022 09:08:53 GMT
content-type: text/html
content-length: 134
location: https://w.ladicdn.com:443/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
X-Firefox-Spdy: h2
wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z00H
42.112.21.2200 OK 103 B URL HTTP/2 wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z00H
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type ASCII text, with no line terminators
Hash 3f1690b4fc84ceefa843001ef61d1d55
e50f26308994fd8d1b8fc5a1f6f2bef8ff72e0ed
33b9c0cb8adcd35ec03fbf15fbd0862b83ff8f3dcac4d7d5714fff2d6bb2d34b
GET /socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z00H HTTP/1.1
Host: wss1.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.vchat.vn
Connection: keep-alive
Referer: https://core.vchat.vn/
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 103
access-control-allow-credentials: true
access-control-allow-origin: https://core.vchat.vn
set-cookie: io=e00X3WaouVoJsMxIleun; Path=/; HttpOnly; SameSite=Strict
X-Firefox-Spdy: h2
core.vchat.vn/upload/brand/2022/05/14/vc-627f29c552770-1652500933.png
42.112.21.2200 OK 22 kB URL HTTP/2 core.vchat.vn/upload/brand/2022/05/14/vc-627f29c552770-1652500933.png
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type PNG image data, 219 x 250, 8-bit colormap, non-interlaced\012- data
Hash ce66290d842ae55e0d6b687b2fa733c5
6d131de6cf5a6c85a12bcf6050172b74239bef82
624343ce61246c6ad2228e9f63ec546b1f40441a39c9cdbdca46c86f85cfea1d
GET /upload/brand/2022/05/14/vc-627f29c552770-1652500933.png HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:53 GMT
content-type: image/png
content-length: 21576
last-modified: Sat, 14 May 2022 04:02:13 GMT
etag: "627f29c5-5448"
accept-ranges: bytes
X-Firefox-Spdy: h2
w.ladicdn.com/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
89.187.169.47200 OK 31 kB URL HTTP/2 w.ladicdn.com/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 44d42d2b00e6bae7dc38c3d6e6481457
46766d7c8c8fca507764ac94e170f8fe6b2ab386
992824b637b9754e00be69730ba76763b1b297ceaa50ab5904a3cd723bd9dc29
GET /61416d65d1330500bc1e1272/favicon-1-20220525080014.ico HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.taixiu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:53 GMT
content-type: image/x-icon
vary: Accept-Encoding
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"628de211-423e"
last-modified: Wed, 25 May 2022 08:00:17 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/21/2022 11:45:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 21be32093b9f889e754080e13173e883
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z050&sid=e00X3WaouVoJsMxIleun
42.112.21.2200 OK 2 B URL HTTP/2 wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z050&sid=e00X3WaouVoJsMxIleun
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z050&sid=e00X3WaouVoJsMxIleun HTTP/1.1
Host: wss1.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 164
Origin: https://core.vchat.vn
Connection: keep-alive
Referer: https://core.vchat.vn/
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:53 GMT
content-type: text/html
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://core.vchat.vn
set-cookie: io=e00X3WaouVoJsMxIleun; Path=/; HttpOnly; SameSite=Strict
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 22 Oct 2022 08:41:09 GMT
expires: Sat, 22 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 1664
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=websocket&sid=e00X3WaouVoJsMxIleun
42.112.21.2101 Switching Protocols 0 B URL HTTP/1.1 wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=websocket&sid=e00X3WaouVoJsMxIleun
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=websocket&sid=e00X3WaouVoJsMxIleun HTTP/1.1
Host: wss1.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://core.vchat.vn
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hx9vsVfOm0pDuehVzfo6vw==
Connection: keep-alive, Upgrade
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.21.6
Date: Sat, 22 Oct 2022 09:08:54 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QB4a3X4Sg6g55MS3lfuADJiPPwk=
wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z052&sid=e00X3WaouVoJsMxIleun
42.112.21.2200 OK 3 B URL HTTP/2 wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z052&sid=e00X3WaouVoJsMxIleun
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
File type ASCII text, with no line terminators
Hash 9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
GET /socket.io/?data=%7B%22channel%22%3A%5B130622334%5D%2C%22checksum%22%3A%2244d0964c278ca37ee958d216b9efc9bd%22%2C%22check_id%22%3A%22430d1725562559247a7ca317ce04caf1%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OF-z052&sid=e00X3WaouVoJsMxIleun HTTP/1.1
Host: wss1.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.vchat.vn
Connection: keep-alive
Referer: https://core.vchat.vn/
Cookie: _gta_uni=20221022.130622334.6400391; vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
date: Sat, 22 Oct 2022 09:08:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 3
access-control-allow-credentials: true
access-control-allow-origin: https://core.vchat.vn
set-cookie: io=e00X3WaouVoJsMxIleun; Path=/; HttpOnly; SameSite=Strict
X-Firefox-Spdy: h2
a.ladipage.com/event
54.151.182.138200 OK 0 B IP 54.151.182.138:0
POST /event HTTP/1.1
Host: a.ladipage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
LADI_CLIENT_ID: d853ad38-dbc5-44dd-5de5-c71a8892c6cc
LADI_PAGE_VIEW: 1
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID:
LADI_CAMP_NAME:
LADI_CAMP_TYPE:
LADI_CAMP_TARGET_URL:
LADI_CAMP_ORIGIN_URL:
LADI_CAMP_PAGE_VIEW: 0
LADI_CAMP_FORM_SUBMIT: 0
Content-Length: 212
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:52 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
X-Firefox-Spdy: h2
w.ladicdn.com/v2/source/ladipage.min.css?v=1661321691911
89.187.169.47200 OK 0 B URL HTTP/2 w.ladicdn.com/v2/source/ladipage.min.css?v=1661321691911
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
GET /v2/source/ladipage.min.css?v=1661321691911 HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: text/css
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6305c34f-1071b"
last-modified: Wed, 24 Aug 2022 06:21:03 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 262
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:37
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: f63741edd5634e7a7a698aee3293466f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap
IP 142.250.74.10:0
GET /css?family=Open%20Sans:bold,regular&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 09:08:50 GMT
date: Sat, 22 Oct 2022 09:08:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661321691911
89.187.169.47200 OK 0 B URL HTTP/2 w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661321691911
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
GET /v2/source/ladipage.vi.min.js?v=1661321691911 HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 09:08:50 GMT
content-type: text/javascript
server: BunnyCDN-DE-756
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"63063b09-53755"
last-modified: Wed, 24 Aug 2022 14:51:53 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/24/2022 14:52:22
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 4041b4318d6d378be83757c38c6b0105
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
42.112.21.2200 OK 0 B URL HTTP/2 core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
IP 42.112.21.2:0
ASN #18403 FPT Telecom Company
GET /service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://heathervandevenonline.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22 HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
set-cookie: _gta_uni=20221022.130622334.6400391; expires=Fri, 18-Jul-2025 09:08:52 GMT; Max-Age=86400000; path=/; samesite=None; domain=.vchat.vn; secure; HttpOnly
vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52; expires=Mon, 30-Jan-2023 09:08:52 GMT; Max-Age=8640000; path=/; samesite=None; domain=.v3.vn; secure; HttpOnly
vnp_guest_15049_130622334=2022-10-22+16%3A08%3A52; expires=Mon, 30-Jan-2023 09:08:52 GMT; Max-Age=8640000; path=/; samesite=None; domain=.vchat.vn; secure; HttpOnly
cache-control: no-cache, private
date: Sat, 22 Oct 2022 09:08:52 GMT
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-expose-headers: *
access-control-allow-headers: Access-Control-Allow-Headers,Origin,Accept,Content-Type, Authorization, X-Custom-Header, Upgrade-Insecure-Requests, token, X-Requested-With, Application
X-Firefox-Spdy: h2