midasbuyreward.com/
172.67.161.34301 Moved Permanently 0 B IP 172.67.161.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: midasbuyreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 10:08:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 01 Feb 2023 11:08:47 GMT
Location: https://midasbuyreward.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dt7BmdP0Qgbzv2La18EJXLmwc6mmxpLc1Sc9eBYQD3A5l6%2Fnu2GAwUvmW7YZO1xebEmyamsZJHRDfmDUIvsrLlf9wJoYNO7usXWxIKLpp5%2FLmgIRsbGRGGECzc64xgdBapwB1K0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e349db37fab4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9976
Expires: Wed, 01 Feb 2023 12:55:03 GMT
Date: Wed, 01 Feb 2023 10:08:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Wed, 01 Feb 2023 10:54:58 GMT
Date: Wed, 01 Feb 2023 10:08:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5786
Expires: Wed, 01 Feb 2023 11:45:13 GMT
Date: Wed, 01 Feb 2023 10:08:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 09:36:01 GMT
content-type: application/json
age: 1966
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: It4xmz26jgU20/J1QGb+P1LXWGKyH6yWMA0/HMQk2RGIw36woA6DgLnKn2xr8p3tvkpzIAN+y9I=
x-amz-request-id: HKQC2T07931VBTZ5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 09:22:36 GMT
age: 2771
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:08:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
IP 142.250.74.131:0
Hash 986417728c4fdf53482e2a912f2f931a
79acc0a0fde9cee25688b40c6a87f019de070e01
bba453b8e9837dd91d12a46f832f7d2fad1220c29a86ec5f2453fd224bfc2e80
POST /s/gts1p5/Y51sqwKdZ10 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:08:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 09:41:42 GMT
age: 1626
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
IP 142.250.74.131:0
Hash 986417728c4fdf53482e2a912f2f931a
79acc0a0fde9cee25688b40c6a87f019de070e01
bba453b8e9837dd91d12a46f832f7d2fad1220c29a86ec5f2453fd224bfc2e80
POST /s/gts1p5/Y51sqwKdZ10 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:08:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
midasbuyreward.com/
104.21.9.174200 OK 846 B IP 104.21.9.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 615f39f243bb9f16bcd7f399e8b72670
af34481280e31902bfe5784c969ba0673f4bd694
a9467357c2ad67238b5d6b6ae4f83b22d2e5405d2966d622551814d81d1a9dbb
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: midasbuyreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:48 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sabgNyGyvJiU6BwVQ9GMMx6a3YPgIWiEJCb6jj6u95Nl2t9cF8l28uRIGp3xaT906h0RM%2BZbbJmCfY9PvZCAsGa6GMFaf3%2FpBLMxzJIP9wXst2vl1Yc2U58eAUrCRhfRTraIMjg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7929e34cbbbfb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7c9cfd95365e4c498af2087df6694290
02d175c10c7f423deedcc2e4f59f6267f0701398
7f03c9ef03abc468b3c246e34fdd1465d131a8ba963aa735b0894af5ab371d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5684
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:08:48 GMT
Last-Modified: Wed, 01 Feb 2023 08:34:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7c9cfd95365e4c498af2087df6694290
02d175c10c7f423deedcc2e4f59f6267f0701398
7f03c9ef03abc468b3c246e34fdd1465d131a8ba963aa735b0894af5ab371d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5072
Cache-Control: max-age=151491
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:08:48 GMT
Etag: "63d9d323-118"
Expires: Fri, 03 Feb 2023 04:13:39 GMT
Last-Modified: Wed, 01 Feb 2023 02:49:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:08:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7c9cfd95365e4c498af2087df6694290
02d175c10c7f423deedcc2e4f59f6267f0701398
7f03c9ef03abc468b3c246e34fdd1465d131a8ba963aa735b0894af5ab371d5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5684
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:08:48 GMT
Last-Modified: Wed, 01 Feb 2023 08:34:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
216.58.207.234200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (32030)
Hash 04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:43:24 GMT
expires: Tue, 30 Jan 2024 18:43:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 141924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 10:08:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fntGgXaOAJJpL7CcODSLPA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MKMiY+8yyZloiwivccSlHDP3n4g=
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:49 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3482987
expires: Mon, 22 Jan 2024 10:08:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l4Mmg76ZysQKT%2F1NnBaodpHvwEzPvxsWIlyn2zNVEsWZMN9C5KHYnxrtOVdiNgEVtLvbgY6RTInDIlkXyts6BjJ5VBTQ7iGHGk6gM7GjiUlZoGj81a70DFa3TmrBupjagFnSYG9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7929e355081fb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2665
Expires: Wed, 01 Feb 2023 10:53:15 GMT
Date: Wed, 01 Feb 2023 10:08:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2665
Expires: Wed, 01 Feb 2023 10:53:15 GMT
Date: Wed, 01 Feb 2023 10:08:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2665
Expires: Wed, 01 Feb 2023 10:53:15 GMT
Date: Wed, 01 Feb 2023 10:08:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
Hash edef37bc120a56cff46ce0c20e589e3b
677bbbeb7536565180a61749ce9ea50dadb80364
10d368d80e6b6f8b74e60e34bc9ac61c56af3a81ae5e9b24de770e72d62144b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 10:37:05 GMT
age: 84705
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:27:41 GMT
age: 9669
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4354120b504a8b1d1c3f4e206eb4611
ba854dec74347525b20dbf3b4e5c13876d56aa1c
bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XGTtVMp42cyJ-Xmh0D-ECG50tJe_AZWIir602PjdJ1CwsAygJpbJyA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:00:34 GMT
age: 22096
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 27532
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 44791
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a7557cc-bf07-438f-8710-ba1b44e30270.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a7557cc-bf07-438f-8710-ba1b44e30270.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fec00239dceb510f051645ae93dac5f2
6524837e65b070341f9c8f4589492876ae293f17
d00272557742c57d084ab7e46b9b1722b28b869ae9c63e2169e7124e5107c009
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a7557cc-bf07-438f-8710-ba1b44e30270.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: f37b4455-c9fb-46e4-a287-f40c1138a77a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflQWGqCIAMFvjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c02-01d34b0d3a9a0101555081f5;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:10:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: B6h-UbN1ZGshwcCuhhT82vu8ApQHq2E-5IybV31s1Enq2jXM_dd42A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 06:33:50 GMT
age: 12900
etag: "6524837e65b070341f9c8f4589492876ae293f17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 10:08:51 GMT
Ali-Swift-Global-Savetime: 1675246131
Via: cache10.l2de2[4,3,200-0,M], cache10.l2de2[5,0], cache5.se1[28,28,200-0,M], cache5.se1[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916752461310865216e
cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
101.33.10.108200 OK 3.1 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (17999), with no line terminators
Hash 053c2bfc207a143e1eda8dfe42fcbaca
922c6d61943ce7826a64cf30b6876a2edf5edf6a
31bf5fce5aa7dc1c21608e8179bb580765270e8bd86de5482ba8a4aee7cc0ba6
GET /oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: text/css
content-length: 3106
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:50 GMT
last-modified: Thu, 08 Apr 2021 09:43:27 GMT
content-encoding: gzip
x-nws-log-uuid: e84bf54c-b119-467a-86b9-212f66befc89
x-cache-lookup: Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/apps/pubgm/guide001.png
101.33.10.108200 OK 442 kB URL HTTP/2 cdn.midasbuy.com/images/apps/pubgm/guide001.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 1338 x 754, 8-bit colormap, non-interlaced\012- data
Size 442 kB (442225 bytes)
Hash b79c6ea08e40d9d9533cd83db49587af
a33cabc012f0433bc6001b390313995aa35e0bdf
9fe15b168ab9a542ae9410fdfca0fa9101d64a4b0c40c64a8d976b26207ddd99
GET /images/apps/pubgm/guide001.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: image/png
content-length: 442225
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:50 GMT
last-modified: Wed, 01 Dec 2021 10:12:01 GMT
x-nws-log-uuid: 5b5640bd-247b-4290-98dd-7c14603d9034
x-cache-lookup: Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css
101.33.10.108200 OK 21 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (65536), with no line terminators
Hash 16856c0e112045ee8f444e00bc3cb732
fe8651b02063981af4a12786d2f0a94b3ee63053
d774f07a90d5b99872198c0a892f8d722a734bd78c8d553e5299db8d628938c6
GET /oversea_web/static/css/media-f6bc833bbb.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: text/css
content-length: 20706
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:50 GMT
last-modified: Fri, 02 Apr 2021 11:54:18 GMT
content-encoding: gzip
x-nws-log-uuid: 7aeee0c5-b6fb-40c5-81ab-e2b06ffac4c9
x-cache-lookup: Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/apps/pubgm/guide002.png
101.33.10.108200 OK 448 kB URL HTTP/2 cdn.midasbuy.com/images/apps/pubgm/guide002.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 1338 x 750, 8-bit colormap, non-interlaced\012- data
Size 448 kB (448284 bytes)
Hash 597f725d1acdadf8ac263021465ed51b
47d931fbbf164780a8a71cdfd9d3cb53b5ca583a
46101013f8555231d5e1e2bb9b09c402a334d29323094101d6caff277afd5c31
GET /images/apps/pubgm/guide002.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: image/png
content-length: 448284
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:50 GMT
last-modified: Wed, 01 Dec 2021 10:12:19 GMT
x-nws-log-uuid: 1c3ff917-b67b-41a4-9fdc-f0c6231cd692
x-cache-lookup: Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 10:08:51 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=91672
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675246131
Via: cache6.l2de2[192,192,200-0,M], cache6.l2de2[194,0], cache7.se1[214,213,200-0,M], cache7.se1[216,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16752461310883661e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b19bb0c76ca5238a19af8774bf37af92
95d108285c2c9e4e6336a6a1ed5815a622dea92e
6f127d04a9b0f5af355935f4454e13f94072987e094edc1a0c7829b9b0beaa76
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 10:08:51 GMT
Last-Modified: Tue, 31 Jan 2023 14:18:50 GMT
ETag: "63d9234a-1d7"
Expires: Thu, 02 Feb 2023 14:18:50 GMT
Cache-Control: max-age=101399
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675246131
Via: cache1.l2de2[189,189,200-0,M], cache1.l2de2[190,0], cache5.se1[211,211,200-0,M], cache5.se1[212,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916752461311315278e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 10:08:51 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=91672
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675246131
Via: cache11.l2de2[311,311,200-0,M], cache11.l2de2[312,0], cache8.se1[334,333,200-0,M], cache8.se1[336,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16752461310823068e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 10:08:51 GMT
Ali-Swift-Global-Savetime: 1675246131
Via: cache3.l2de2[315,314,200-0,M], cache3.l2de2[316,0], cache7.se1[336,335,200-0,M], cache7.se1[338,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16752461310883659e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 10:08:51 GMT
Ali-Swift-Global-Savetime: 1675246131
Via: cache25.l2de2[318,317,200-0,M], cache25.l2de2[319,0], cache7.se1[341,341,200-0,M], cache7.se1[343,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16752461310883660e
cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
101.33.10.108200 OK 19 kB URL HTTP/2 cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
Hash a3b2cf6cabef87509597419b4209f705
c81b2fe2cad2901dc967220505f6d633bdd1e22b
5db724dca089dc2e36974b4398d2209ba0a84e8b5e1b1d2af6f23d2e504a5dda
GET /h5/overseah5/js/midas-oversea-h5page.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: application/javascript
content-length: 11963
cache-control: max-age=259200
expires: Sat, 04 Feb 2023 10:08:51 GMT
last-modified: Thu, 05 Jan 2023 09:24:23 GMT
content-encoding: gzip
x-nws-log-uuid: 56caa794-0f8a-494e-9f8b-2b741dd3ef8c
x-cache-lookup: Hit From MemCache Gz
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
101.33.10.108200 OK 36 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (65536), with no line terminators
Hash de38e9ea125cb741d20e2931dd1a4688
a02d6429a26cda558582bace903abcc4281b433e
9e5caa5a21f6440a822e11a2df244f50d833e23e4fd1bfe4d99f1b819cf69616
GET /oversea_web/static/css/vendor-87839280b2.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: text/css
content-length: 36202
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:51 GMT
last-modified: Thu, 01 Apr 2021 02:25:50 GMT
content-encoding: gzip
x-nws-log-uuid: 9443f303-7182-499a-a883-2279570bbfa9
x-cache-lookup: Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
101.33.10.108200 OK 48 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type Unicode text, UTF-8 text, with very long lines (65487), with no line terminators
Hash 1ad01901b3fbfd646fcccee0a421a506
f03614a96dd6dfce69dfdee3b60b9872f9caf5e6
f1f3e3835d75d07a242dd39f889e5c2e2ce66b1f566e17fdb632f5eb2979e688
GET /oversea_web/static/js/buypage.052bbaf6.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: application/javascript
content-length: 47711
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:51 GMT
last-modified: Wed, 10 Mar 2021 08:45:21 GMT
content-encoding: gzip
x-nws-log-uuid: 75448c70-f434-40ce-ab50-0b23e82c2119
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js
101.33.10.108200 OK 18 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type Unicode text, UTF-8 text, with very long lines (46187), with NEL line terminators
Hash 493a3307cf580b5a836d2baf8e0dcd87
b0e5683b251c38060f2086e1abb0204071000375
144a3f1bae789f0a2cc849f82979d5621429eb3a91f18ba6d5aeb8d53e21d4d8
GET /oversea_web/static/js/header.bbcf2110.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: application/javascript
content-length: 18232
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:51 GMT
last-modified: Wed, 10 Mar 2021 08:45:22 GMT
content-encoding: gzip
x-nws-log-uuid: e85409c6-dc11-49c3-9a2c-9e84f5fe4e2b
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 419ef6229bc58a71a3f38a6e6f273664
7bba8b8401492e0cfb2bcd3cd6da1a161bfbe40e
d9285a566ce51451a58964ff83ab156835007241a2b5b7442211e6b7c1a5e18b
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:08:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 05 Feb 2023 06:13:04 GMT
ETag: "7bba8b8401492e0cfb2bcd3cd6da1a161bfbe40e"
Last-Modified: Wed, 01 Feb 2023 06:13:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1660
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7929e36309fbb517-OSL
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b19bb0c76ca5238a19af8774bf37af92
95d108285c2c9e4e6336a6a1ed5815a622dea92e
6f127d04a9b0f5af355935f4454e13f94072987e094edc1a0c7829b9b0beaa76
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 10:08:51 GMT
Ali-Swift-Global-Savetime: 1675246131
Via: cache16.l2de2[315,315,200-0,M], cache16.l2de2[316,0], cache7.se1[338,337,200-0,M], cache7.se1[338,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:51 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16752461313484008e
cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js
101.33.10.108200 OK 92 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (32077)
Hash 952643514d71972f6df35e4b8e8482fb
b0ac29d75ac0835e4e30810942558d9b1562966f
cf6214a3a22e442208e57b7ae26a0f5bab6b941aa7d4d15eca703f02b8e0fd9a
GET /oversea_web/static/js/production.midas.runtime.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:51 GMT
content-type: application/javascript
content-length: 92388
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:51 GMT
last-modified: Wed, 01 Feb 2023 07:56:58 GMT
content-encoding: gzip
x-nws-log-uuid: 0405387a-dd1b-4b94-84b7-e12f62a33f32
x-daa-tunnel: hop_count=3
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js
203.205.136.77200 OK 64 kB URL HTTP/2 3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js
IP 203.205.136.77:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type Unicode text, UTF-8 text, with very long lines (47403), with NEL line terminators
Hash 8a34837795e4cdec2c6c73a4552ff290
a62522ee006fdb198bb896c43c3cb5b7bfc42dc8
b209750403ec33d58f44da1b1cd11625f4a38aef97d438c7bc0e4683ee4f873d
GET /tele_safe/static/tfg/pc/tfg.v1.0.18.js HTTP/1.1
Host: 3gimg.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "9766758ab4540071f60a1dcde343d4e2d382b02e"
date: Sat, 28 Jan 2023 09:20:46 GMT
content-type: application/javascript
ip: 0.0.0.0
server: TencentCOS
x-cos-storage-class: STANDARD_IA
x-cos-hash-crc64ecma: 13594462328696689996
x-cos-object-type: normal
access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-headers: *
accept-ranges: bytes
last-modified: Sat, 09 Apr 2022 02:31:37 GMT
content-encoding: gzip
content-length: 64381
x-nws-log-uuid: 3163945444598498392
x-cache-lookup: Cache Hit, Hit From Inner Cluster
access-control-allow-origin: *
X-Firefox-Spdy: h2
kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970
129.226.107.210200 OK 57 kB URL HTTP/1.1 kepler.captcha.qcloud.com/tencent-kepler.js?appId=9865970
IP 129.226.107.210:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Hash 1b75d80aec6b42ea2bd3dd7a614285e2
f08ca6b401628706324caf14a3997995d332cb64
b118a19c3320176bb54941329d784beda5b814667ac5fc2b2ba363a70e8aa765
GET /tencent-kepler.js?appId=9865970 HTTP/1.1
Host: kepler.captcha.qcloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 10:08:51 GMT
Content-Type: text/javascript
Content-Length: 56621
Connection: keep-alive
Content-Encoding: gzip
Server: tencent http server
Accept-Ranges: bytes
P3P: CP=CAO PSA OUR
Cache-Control: max-age=600
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
188.114.99.234200 OK 82 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 188.114.99.234:0
File type ASCII text, with very long lines (65371)
Hash 680d0f3bcdd6fcab7afdbdbf4721975d
3d133dd0fd78b010a79ec28ffd6d69c609a3e39c
10ed6c1b7d3e6e648f6f5cf2958c9f0a634e397430e6cbbcc628c9d0dc4db667
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:48 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 23356465
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7929e35038ffb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.midasbuy.com/oversea_web/static/images/pc-logo.png
43.152.56.96200 OK 5.4 kB URL HTTP/2 www.midasbuy.com/oversea_web/static/images/pc-logo.png
IP 43.152.56.96:0
File type PNG image data, 442 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash d4b222d824ad52cd77c1eb76e96b77dd
81ed6d1d6f885d529f30add9e76e1dec27d61757
c96e7ada49314f46576365e190183fefabdcdbbf7737b648a7b36f4aa6b46444
GET /oversea_web/static/images/pc-logo.png HTTP/1.1
Host: www.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Oct 2019 06:55:12 GMT
content-encoding: gzip
etag: "5da961d0-151b"
server: nginx
date: Thu, 30 Jun 2022 06:20:40 GMT
content-type: image/png
expires: Sat, 30 Jul 2022 06:20:40 GMT
cache-control: max-age=2592000
content-length: 5426
accept-ranges: bytes
eo-log-uuid: 4794438111155660765
eo-cache-status: HIT
X-Firefox-Spdy: h2
www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
43.152.56.96200 OK 377 B URL HTTP/2 www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
IP 43.152.56.96:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e766c1c59bf7522503a56e7569e2855b
719cb81a6b5f78f7571fd142175c49bc48c65d2a
e77f8cb012cafcbe52c127e67af5dd5de8341f5a685e3a26b2df552d5a3669f9
GET /oversea_web/static/images/big-new-close-icon.png HTTP/1.1
Host: www.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 May 2020 08:36:36 GMT
content-encoding: br
etag: "5ec39a94-175"
server: nginx
date: Thu, 30 Jun 2022 06:20:40 GMT
content-type: image/png
expires: Sat, 30 Jul 2022 06:20:40 GMT
cache-control: max-age=2592000
content-length: 377
accept-ranges: bytes
eo-log-uuid: 586502527473085419
eo-cache-status: HIT
X-Firefox-Spdy: h2
i.ibb.co/Wg8qQxh/facebook-text.png
162.19.58.159200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 162.19.58.159:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/V9rgBqw/twitter-text.png
162.19.58.159200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 162.19.58.159:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/28sztvcd/season-Token.png
162.19.88.68200 OK 31 kB URL HTTP/2 i.postimg.cc/28sztvcd/season-Token.png
IP 162.19.88.68:0
Hash 50c2f9bc55cfedcc6e22a126b2608408
cb5779f04c29be4d7d337b16fd07e1cb6c24dd4d
db16167598df5a0ff97ef70868dc39f891a32f4845978d21f4eb37128baee218
GET /28sztvcd/season-Token.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 29942
last-modified: Sun, 03 Jul 2022 09:35:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png
101.33.10.108200 OK 2.4 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash eade39686c453acaf33a01a6e36268fc
ce7fb98da8caaa54fe9d73dec432dd45835aa70d
528ec4ee6f56ace1dd9c394fa067175b7192828bc3b68e264e7494448f31b27e
GET /oversea_web/static/images/pc-fb-eade39686c.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 2407
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
x-nws-log-uuid: acd4df7f-6a6a-497e-90cb-4bac1919625b
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-cache-lookup: Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png
101.33.10.108200 OK 1.3 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 20 x 16, 8-bit/color RGBA, interlaced\012- data
Hash d5219efc94471d4bb43fc126151b89ed
ee8a891c098f366da2d881851c35e322fcc91865
62a6940b8ff01e27be4e854346e4f734bed11d64c1378b70b30f0385c645a575
GET /oversea_web/static/images/feedback-icon-d5219efc94.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 1272
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:27 GMT
x-nws-log-uuid: fcf66732-7e99-4b9f-8dea-ace9ba35220e
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-cache-lookup: Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png
101.33.10.108200 OK 6.5 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
Hash b328798b7d3a60d6959959823fc39d58
4a25079f7e74fb54323bdb3be4fa3ce167af7031
d07cbe239a7cf797dd0e1b0434fda4dad1c46d25924281c219c4a9360f172a3b
GET /oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 6303
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:17 GMT
x-nws-log-uuid: ec3f4cc2-0f5f-4f8e-b7d1-bc1a3faefdab
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/help-3511261f22.png
101.33.10.108200 OK 768 B URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/help-3511261f22.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 3511261f2219959016bf0a8e8b9f9fcd
282b2905a6d1be9088d93d895f5a20303606a4a1
58a9d84a82320ae57c1f150a1c32d868459335083c0095c36504a1acb0fad2ea
GET /oversea_web/static/images/help-3511261f22.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 768
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:29 GMT
x-nws-log-uuid: 6104a0ff-8516-447c-b85f-983463e11dec
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png
101.33.10.108200 OK 46 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 326 x 480, 8-bit/color RGBA, non-interlaced\012- data
Hash 097257145b436869d2c0978b4cdd3454
d486c55eb3764f83f22550d72b0b932c8812826a
1c27de241af0b7402928d9d99af6288c1570d31a781dd0637a35fa51d8b7088b
GET /oversea_web/static/images/codmicon/card-bg-097257145b.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 45735
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
x-nws-log-uuid: 924356ad-31a4-4589-a8b6-f777979566a4
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png
101.33.10.108200 OK 114 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 326 x 480, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (113890 bytes)
Hash c8325e2e0e5cde4df1581a63800f7086
8219f8045bb6441c7b8fdb92c94595c7327918c0
9b66bc540c283d4587d4bd6df50a100bf1f18158655e24234f103f0bc419e9e3
GET /oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:52 GMT
content-type: image/png
content-length: 113890
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
x-nws-log-uuid: 41a903d3-19ad-43aa-82d0-500bd5604dc0
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png
101.33.10.108200 OK 5.4 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 442 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f404ea4792424375fa4b16a520555ed
8a3e448779780a80af9adc5081e4fa793e51f436
607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985
GET /oversea_web/static/images/pc-logo-5f404ea479.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:53 GMT
content-type: image/png
content-length: 5403
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
x-nws-log-uuid: 30d63a87-8c9b-4d2f-80f8-b4b0fd84a6da
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg
101.33.10.108200 OK 615 B URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Hash 0f7ecf2cddefd1c786fd11e60a3f183a
59911a60b5049a6d980646cc27b24fde94d0763f
362a7ee07b4a9bf9f2ce90cf4de3ed1535b38c0a2d55c8db4c921c068d46f313
GET /oversea_web/static/images/list-active-new-0f7ecf2cdd.svg HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:53 GMT
content-type: image/svg+xml
content-length: 615
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:31 GMT
x-nws-log-uuid: 0b84962d-fc68-4547-9d2f-4c81e18d9014
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png
101.33.10.108200 OK 360 B URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 54d438045f0281be67ce99d4961caa5e
c862dda6d99691930cba1d401629e31358cadb52
a521b418fd37d48c7a770e7c9438bf56c8a564df2ae8a77c60865f0614361ec7
GET /oversea_web/static/images/arrow-icon-54d438045f.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 10:08:53 GMT
content-type: image/png
content-length: 360
cache-control: max-age=600
expires: Wed, 01 Feb 2023 10:18:52 GMT
last-modified: Tue, 27 Apr 2021 10:57:08 GMT
x-nws-log-uuid: 9f2ab028-7928-40e5-b73b-84d2b997821e
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153511|6=1675246153511|29=0404447576727409831615827099757&rr=0.23492797506638574
101.33.29.111200 OK 247 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153511|6=1675246153511|29=0404447576727409831615827099757&rr=0.23492797506638574
IP 101.33.29.111:0
Hash e934e384208b6adabbe20166554e0062
5986210e5229013f12bdb20f1f056df93e5bba08
3ef1f212e3f4ab226015fb578c8deedd85884228ccc39b7f7fd43002d8da82b4
GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153511|6=1675246153511|29=0404447576727409831615827099757&rr=0.23492797506638574 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:53 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 5005267477085247605
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.09560417469933258
101.33.29.111200 OK 29 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.09560417469933258
IP 101.33.29.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae
GET /cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.09560417469933258 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:53 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 14120315321997776390
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153509|6=1675246153509|29=0404447576727409831615827099757&rr=0.07178236602809007
101.33.29.111200 OK 29 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153509|6=1675246153509|29=0404447576727409831615827099757&rr=0.07178236602809007
IP 101.33.29.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae
GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153509|6=1675246153509|29=0404447576727409831615827099757&rr=0.07178236602809007 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:53 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 12448397617419298012
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153594|6=1675246153594|29=0404447576727409831615827099757&rr=0.530472921033737
101.33.29.111200 OK 29 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153594|6=1675246153594|29=0404447576727409831615827099757&rr=0.530472921033737
IP 101.33.29.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae
GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246153594|6=1675246153594|29=0404447576727409831615827099757&rr=0.530472921033737 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:53 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 14644044382671997011
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.timer.page.topupv2|8=times%3D4046%26html%3D459%26dns%3D0%26tcp%3D0%26res%3D3587|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246155228|6=1675246155228|29=0404447576727409831615827099757&rr=0.9052503823573358
101.33.29.111200 OK 29 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.timer.page.topupv2|8=times%3D4046%26html%3D459%26dns%3D0%26tcp%3D0%26res%3D3587|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246155228|6=1675246155228|29=0404447576727409831615827099757&rr=0.9052503823573358
IP 101.33.29.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae
GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.timer.page.topupv2|8=times%3D4046%26html%3D459%26dns%3D0%26tcp%3D0%26res%3D3587|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675246155228|6=1675246155228|29=0404447576727409831615827099757&rr=0.9052503823573358 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:54 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 4587799586847471718
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 505c4a1b8f33b9501dc8309f32946184
63f9f23d13f547243eb7391083a9dd335567cf8d
1c589ee32ea26f7a12adec894ed7f40568ee7057f546e4c776e7fb43a110a049
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 10:08:55 GMT
Last-Modified: Tue, 31 Jan 2023 14:48:38 GMT
ETag: "63d92a46-1d7"
Expires: Thu, 02 Feb 2023 14:48:38 GMT
Cache-Control: max-age=103183
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675246135
Via: cache8.l2de2[318,317,200-0,M], cache8.l2de2[318,0], cache5.se1[340,339,200-0,M], cache5.se1[341,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 10:08:55 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916752461350251198e
aegis.qq.com/aegis/whitelist?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=3eb99fc2-dfa0-4a0f-8046-28aaf2165439&platform=100&x5Type=3&netType=100&sessionId=session-1675246153393&from=https%3A%2F%2Fpufflam.alphagg7.cyou%2F&referer=https://midasbuyreward.com/
43.137.221.145200 OK 58 B URL HTTP/2 aegis.qq.com/aegis/whitelist?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=3eb99fc2-dfa0-4a0f-8046-28aaf2165439&platform=100&x5Type=3&netType=100&sessionId=session-1675246153393&from=https%3A%2F%2Fpufflam.alphagg7.cyou%2F&referer=https://midasbuyreward.com/
IP 43.137.221.145:0
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash 7c80c87f763075d7c8c369a48fb112fa
32af99d18ad24800ca024c00674b6947cced5b5e
bb221a7e60f804731d8965873f7826f750f4def4abbe5b3bf132a9ce4b5e636e
GET /aegis/whitelist?id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=3eb99fc2-dfa0-4a0f-8046-28aaf2165439&platform=100&x5Type=3&netType=100&sessionId=session-1675246153393&from=https%3A%2F%2Fpufflam.alphagg7.cyou%2F&referer=https://midasbuyreward.com/ HTTP/1.1
Host: aegis.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pufflam.alphagg7.cyou
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:55 GMT
content-type: application/json; charset=utf-8
content-length: 58
server: openresty
x-powered-by: Express
access-control-allow-origin: *
etag: W/"3a-Mq+Z0YrSSADKAkwAZ0tpR8ztW14"
X-Firefox-Spdy: h2
aegis.qq.com/speed/performance?dnsLookup=64&tcp=14&ssl=11&ttfb=378&contentDownload=526&domParse=3414&resourceDownload=1468&firstScreenTiming=3899&id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=3eb99fc2-dfa0-4a0f-8046-28aaf2165439&platform=100&x5Type=3&netType=100&sessionId=session-1675246153393&from=https%3A%2F%2Fpufflam.alphagg7.cyou%2F&referer=https://midasbuyreward.com/
43.137.221.145204 No Content 0 B URL HTTP/2 aegis.qq.com/speed/performance?dnsLookup=64&tcp=14&ssl=11&ttfb=378&contentDownload=526&domParse=3414&resourceDownload=1468&firstScreenTiming=3899&id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=3eb99fc2-dfa0-4a0f-8046-28aaf2165439&platform=100&x5Type=3&netType=100&sessionId=session-1675246153393&from=https%3A%2F%2Fpufflam.alphagg7.cyou%2F&referer=https://midasbuyreward.com/
IP 43.137.221.145:0
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /speed/performance?dnsLookup=64&tcp=14&ssl=11&ttfb=378&contentDownload=526&domParse=3414&resourceDownload=1468&firstScreenTiming=3899&id=1124&uin=uv_0404447576727409831615827099757&version=1.20.0&aid=3eb99fc2-dfa0-4a0f-8046-28aaf2165439&platform=100&x5Type=3&netType=100&sessionId=session-1675246153393&from=https%3A%2F%2Fpufflam.alphagg7.cyou%2F&referer=https://midasbuyreward.com/ HTTP/1.1
Host: aegis.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pufflam.alphagg7.cyou
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 01 Feb 2023 10:08:55 GMT
server: openresty
access-control-allow-origin: *
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
188.114.99.234200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 188.114.99.234:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 10:08:48 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20695613
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7929e3503901b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
95.101.11.89200 OK 0 B URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 95.101.11.89:0
ASN #20940 Akamai International B.V.
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=236
expires: Wed, 01 Feb 2023 10:12:48 GMT
date: Wed, 01 Feb 2023 10:08:52 GMT
X-Firefox-Spdy: h2