Report - midasbuyreward.com/

Report Overview

Submitted URL
midasbuyreward.com/
IP
104.21.9.174
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-01 03:35:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
midasbuyreward.com	unknown	2020-07-25T17:18:58Z	2023-02-01T03:10:40Z	798 B	1.3 kB	104.21.9.174
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	77 kB	34.120.237.76
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	367 B	2.0 kB	151.101.66.133
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	1.7 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	394 B	31 kB	142.250.74.42
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.212.170.166
ocsp.digicert.cn	37572	2020-03-20T18:45:56Z	2023-03-13T08:35:28Z	2.0 kB	6.2 kB	47.246.44.205
cdn.midasbuy.com	279351	2020-07-20T04:57:04Z	2023-03-13T07:09:30Z	7.7 kB	1.1 MB	101.33.10.108
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.8 kB	93.184.220.29
www.midasbuy.com	29420	2018-12-01T09:32:36Z	2023-03-09T19:20:07Z	843 B	6.6 kB	43.152.56.96
i.ibb.co	13485	2018-11-25T11:13:48Z	2023-03-13T05:33:20Z	791 B	34 kB	162.19.58.156
midas.gtimg.cn	23969	2014-10-12T17:57:26Z	2023-03-10T12:14:44Z	450 B	22 kB	23.32.89.241
www.pubgmobile.com	21653	2018-04-27T13:06:13Z	2023-03-13T05:39:38Z	423 B	75 kB	23.36.76.250
report1.midasbuy.com	358046	2021-03-05T11:44:20Z	2023-03-13T07:10:05Z	2.5 kB	1.3 kB	211.152.136.86
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	459 B	6.9 kB	104.17.24.14
3gimg.qq.com	39332	2012-05-25T10:49:41Z	2023-03-13T07:10:05Z	392 B	65 kB	203.205.136.105
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-13T07:25:00Z	810 B	79 kB	104.18.11.207
i.postimg.cc	23840	2018-04-11T12:01:12Z	2023-03-13T05:19:26Z	400 B	30 kB	162.19.88.69
pufflam.alphagg7.cyou	unknown	2023-01-31T14:18:31Z	2023-01-31T16:17:17Z	473 B	42 kB	104.21.40.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-01 03:35:16	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-01 03:35:16	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	midasbuyreward.com/	Tencent
2023-01-31	medium	midasbuyreward.com/	Tencent

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	midasbuyreward.com/	Phishing
2023-02-01	medium	pufflam.alphagg7.cyou/	Phishing
2023-02-01	medium	midasbuyreward.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (32)

	URL	Size	First Seen	Last Seen
	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-20
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-20 00:16:23 Times Seen54370 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	pufflam.alphagg7.cyou/	14 kB	2023-03-07	2024-02-15
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:15 Last Seen2024-02-15 00:38:45 Times Seen192 Hash af459d6c47e865b609b61332b9f7b763 35750a6299b0fc51a84efbb7e2793f54b77d334d be3ecba7d3d1926e6cc2493174b95208615bacbe3a1f452e455f715949970e29 Loading...

	pufflam.alphagg7.cyou/	1.5 kB	2023-03-07	2024-02-15
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2024-02-15 00:38:46 Times Seen182 Hash 3dff8aad2f7fd7c1323e2e637c088b9e 0eaca339a9744cb577ca6d4ec4593b0cbcdda030 9362cca6b4d9e18d8cbf241a4d2c29a33c111a16b390b6c5b93ce176fbbc16d0 Loading...

	pufflam.alphagg7.cyou/	302 B	2023-03-07	2023-04-28
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-04-28 18:53:16 Times Seen21 Hash cf80793deca5fddbd5d9059ca4bdf646 1058204b7f17648c7834ff0021faf49e350ab19c ecca3819443ad705c3432c7786b5a36a37a205f2112650d781598f2f9d91eddc Loading...

	pufflam.alphagg7.cyou/	319 B	2023-03-07	2024-03-01
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:15 Last Seen2024-03-01 06:05:18 Times Seen177 Hash 3f6443cf9e434cec1669b24356a8d36e 5f4d8cd7d987af1664c3ddd78174767f05756198 f4495cbfdd15d10e12a95e671025a8c6672efd4b55e4134f293df9c10ef4dc91 Loading...

	pufflam.alphagg7.cyou/	1.5 kB	2023-03-07	2024-02-15
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2024-02-15 00:38:45 Times Seen194 Hash 3dc89354e1a2813379694ad6cca6c131 22e8b9d079573cf342af0681020d4e0386fcb619 ebd063793f889fd0ad64efa093b01c737150a065364a54892915387f5aeebcbb Loading...

	pufflam.alphagg7.cyou/	3.7 kB	2023-03-07	2023-12-04
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-12-04 14:28:25 Times Seen27 Hash b8b4dc9b735ed0793e743b82c2dd58a3 aeb54b4aaaff663677dd795e39e50ef03ffebc69 812d37cb1bd1ee4b9394bc3c5453dbf15a3aa37abc8a317e778117d4656a54ce Loading...

	pufflam.alphagg7.cyou/	58 kB	2023-03-07	2023-04-02
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-04-02 21:18:57 Times Seen12 Hash f343fb7d495fbdc6d4302b407d5c1a0c a061f10c8ffee594ed4b491c85cb6deeb779c29d 11f4a39effc3d7c0d010bf99437122e19b9f05473278e34893d507644c4853dc Loading...

	pufflam.alphagg7.cyou/	415 B	2023-03-07	2023-12-04
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2023-12-04 14:28:25 Times Seen164 Hash 76aab504f2a6c05d9990a3ec0102f3cb 69b081012737d93a9ebc53a81e0fcf49cdc9858d adee8413469238d1c68d4c795cc0c4e346391fb150183c4d8cebbd31d49751c6 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 23:22:10 Times Seen263026 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	pufflam.alphagg7.cyou/	12 kB	2023-03-07	2023-04-01
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-04-01 11:15:36 Times Seen5 Hash 31e928d10f56c7c1b2ab3c5864c9b97f f9b61b71917b409981652b9436a36f642df50ffe dde98258ab302b3864d53e99e038f531177c670d1ab27f767c062cfbed8feb45 Loading...

	cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js	56 kB	2023-03-07	2023-12-04
Pretty URL cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js IP 101.33.10.108 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-12-04 14:28:25 Times Seen45 Hash 8d689e262593e607b265091fed235c15 a93d7adcaea42a3fcd54601725eebb2db0b9de23 4bcb452bf07df52c2fbd3f0a65263cd81e544cdc7d19cef7908ecb9428df15fd Loading...

	pufflam.alphagg7.cyou/	3.1 kB	2023-03-07	2023-12-04
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-12-04 14:28:25 Times Seen36 Hash a49e09146388eb6aa1953cce3fd1b3c8 e8bc611afa80fb7273038ef71572ad4110b4cf63 68555a83b237627f3750356dbb96e506f8914746fd2e4452867cef53a168e5e3 Loading...

	pufflam.alphagg7.cyou/	3.8 kB	2023-03-07	2024-02-15
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2024-02-15 00:38:45 Times Seen186 Hash 464499c6bde240eead1ec4296f4ceff2 415fcfbc4457ab1ec8711bef19a1a552f9f11dd3 4726e54326110ca00d439490179b10161d333fe4bfbe9750161f8c4fcae84b7f Loading...

	cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js	155 kB	2023-03-07	2024-01-03
Pretty URL cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js IP 101.33.10.108 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:54 Last Seen2024-01-03 12:27:54 Times Seen71 Hash 31f1cc62a3438b0bf550c48fe659eb6b 96bfd4cb2ea9f2eb0aaf9e3e8c12977465c016b8 b35045677941134c95267b374b2a153f9843260b4768a7472a995566e6d21508 Loading...

	pufflam.alphagg7.cyou/	4.6 kB	2023-03-07	2023-04-02
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-04-02 21:18:57 Times Seen12 Hash 620c0068b05ea9f1422eb8434815cfff a08edc0a0008d26b186adba1d2c6b548b408ac37 f585db41fd3f42b6a18f21acdf3e913ed6f55595a7d1e824c53f323d9d6d9b0f Loading...

	pufflam.alphagg7.cyou/	194 B	2023-03-07	2023-12-04
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2023-12-04 14:28:25 Times Seen158 Hash 2d5f441acb65679ce39e1cbd247c6831 2f6c3bc662491cda0494213a8a4ab6bd60c3f46c c9c6f25c356f6fc9976ecfa863299f996e88ee7bdd22dbba515e90ec95adf75c Loading...

	pufflam.alphagg7.cyou/	49 kB	2023-03-07	2023-04-01
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-04-01 11:15:36 Times Seen5 Hash 1ee38434a988b143bdc45cf930e560a2 7a37ff11a4c3a27fb68f8cad43e9a41067382861 4f6468f5994263f7f3bb99eccdebf7959aec51087f4fd44cea5cc2af0ef575cd Loading...

	pufflam.alphagg7.cyou/	1.2 kB	2023-03-07	2023-04-02
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-04-02 21:18:57 Times Seen12 Hash ee2dcb5dff512096bdd92cb71a73ecec 180ad75c4822d27fe42878e1186d9c15fffdc1cd a3a73a44eb2beca59c6b59e426ceb27c7be4b8802f5b5e373547f7cd628e1b08 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 04:17:10 Times Seen36969565 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js	73 kB	2023-03-12	2023-05-09
Pretty URL cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js IP 101.33.10.108 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:16:06 Last Seen2023-05-09 00:31:06 Times Seen235 Hash 82e52d4ad86bd59c43c44c1aafcb2ffb f74ce7be91c6784e0711e98a9ade6ed0c9ff8724 1cc5a77bbaff50236632a41e80941f8aaca70663b572370c9ace986afa89768b Loading...

	pufflam.alphagg7.cyou/	434 B	2023-03-07	2023-12-04
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:15 Last Seen2023-12-04 14:28:25 Times Seen170 Hash 71420f6ce5edda08fad8866523fcb517 01315e5e70378728b1944276c219450f225e6271 8dcfe0636cdd8384284aca68cd92ba85f563cd0ffd0c0c9ed0af6c4a13224307 Loading...

	pufflam.alphagg7.cyou/	6 B	2023-03-07	2024-04-19
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:38 Last Seen2024-04-19 22:54:58 Times Seen7111 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	pufflam.alphagg7.cyou/	2.3 kB	2023-03-07	2023-12-04
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2023-12-04 14:28:25 Times Seen36 Hash c8769b7a11a2ad7477f051e28a1bc334 f51d0068787d2f7bc9b6aee2ede660cf51a7504e 679debf2f9bf049acb5abc322b6f9cee34dfcbcf7d59c1d959573d6e89fffd1e Loading...

	pufflam.alphagg7.cyou/	1.1 kB	2023-03-07	2024-02-15
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2024-02-15 00:38:46 Times Seen194 Hash 37fec33b62560ca61c6fd07305e0ccbf 7ac8ab5a9a25d1f994e772b0a3ef0a1a9b909f51 6d444adacb9d4e007f319da3c4b03ec02206737291dffc63ddb797cdfc58b5ee Loading...

	pufflam.alphagg7.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-20
Pretty URL pufflam.alphagg7.cyou/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 04:00:01 Times Seen54573 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	pufflam.alphagg7.cyou/	1.1 kB	2023-03-07	2023-12-04
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2023-12-04 14:28:25 Times Seen157 Hash 06559eeda3f0d4499b9b85a9ea1dfe8a ae386ecb9f4c43f58e55960654ffb9e9b3cc3f0c 954f0aa8d812ca5e9dbbcad4572d83b7c430daefd9e46ec94ed4b6b70405976a Loading...

	pufflam.alphagg7.cyou/	2.9 kB	2023-03-07	2023-04-05
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:14 Last Seen2023-04-05 02:03:35 Times Seen135 Hash 68324ff0497aa2ac407ef8209d591e75 50cffeaf721f8342229d72275d88b64f57c12b8a fa642f6456d0bcbd4345ac01ba1661d4eaa1669f01a8320f46ee588b7f8ec1bf Loading...

	pufflam.alphagg7.cyou/	486 B	2023-03-07	2024-04-07
Pretty URL pufflam.alphagg7.cyou/ IP 104.21.40.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2024-04-07 18:21:51 Times Seen66 Hash d846c9417232d613ab5c03d8a48e7b39 4d7fa6071f3503e59d5d5ae1588a9e9130d62888 a1e6add7479c247025a82b313254985106e0ada3461f522fd475a9352a40307f Loading...

		Size	First Seen	Last Seen
	#1 Eval - fc30419e84d82d790e52bd5375465cd4	46 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 12:09:15 Last Seen2024-04-07 18:21:51 Times Seen211 Hash fc30419e84d82d790e52bd5375465cd4 98caf925a10cd43df9e2526a66131e9028263136 233ba86e09b91df5555f7d8b4c293ef85dcdcfc9eb9afe6ab4eba6c17ec9ff58 Loading...

	#2 Eval - 61fa153f2827c887a48a351ae3c6cfd3	8 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:50 Last Seen2024-04-19 15:21:29 Times Seen798 Hash 61fa153f2827c887a48a351ae3c6cfd3 5fbd02245cf700ea94d638c8d76924ecca52d330 4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c Loading...

	#3 Eval - 6d18d1afe155f6242c17e07d33d09993	46 B	2023-03-07	2024-04-07
Pretty Observations First Seen2023-03-07 12:09:15 Last Seen2024-04-07 18:21:51 Times Seen212 Hash 6d18d1afe155f6242c17e07d33d09993 4555f0dc57d5c38ed9875a16ee353797bab5f6c9 a7966dcf55576c481b961069433166bc9ff22abf9acf5f4738ccb767a1a9a2e7 Loading...

HTTP Transactions (65)

URL IP Response Size

midasbuyreward.com/

104.21.9.174

301 Moved Permanently

0 B

URL HTTP/1.1
midasbuyreward.com/
IP
104.21.9.174:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: midasbuyreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 03:34:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 01 Feb 2023 04:34:54 GMT
Location: https://midasbuyreward.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=341MMxa5wwXJiXh4s%2BerG%2BNMoQUoWZwF%2FaymgcwNlS1WaPAxFu%2F2t1nuquxfmx54AmD3LJVriq%2FZqJPCqPLuTcJ031B5Fuhz3KH89HHwXNsN%2FmBZTAwNGriHHl8sSm3xOF%2BmCxE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7927a24cbc65b4f3-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13629
Expires: Wed, 01 Feb 2023 07:22:03 GMT
Date: Wed, 01 Feb 2023 03:34:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6999
Expires: Wed, 01 Feb 2023 05:31:33 GMT
Date: Wed, 01 Feb 2023 03:34:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 02:43:23 GMT
content-type: application/json
age: 3091
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Wed, 01 Feb 2023 06:22:50 GMT
Date: Wed, 01 Feb 2023 03:34:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ci0IXVvqeOe1L12MdEDsHAvBCuBkuzMJ93PAmLthg2FWYw28snMF2jZj4EDh1/NjW9ByOVQeggI=
x-amz-request-id: 95DV2JX4H2YPH4K3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 02:51:24 GMT
age: 2610
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:34:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
986417728c4fdf53482e2a912f2f931a
79acc0a0fde9cee25688b40c6a87f019de070e01
bba453b8e9837dd91d12a46f832f7d2fad1220c29a86ec5f2453fd224bfc2e80

HTTP Headers

POST /s/gts1p5/Y51sqwKdZ10 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 02:49:04 GMT
age: 2750
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14210
Expires: Wed, 01 Feb 2023 07:31:45 GMT
Date: Wed, 01 Feb 2023 03:34:55 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6395
Cache-Control: max-age=90042
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 04:35:37 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=86884
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 03:42:59 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6395
Cache-Control: max-age=90042
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 04:35:37 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280

ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

142.250.74.42

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32030)
Size
30 kB (30244 bytes)
Hash
04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2

HTTP Headers

GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:43:24 GMT
expires: Tue, 30 Jan 2024 18:43:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 118291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
986417728c4fdf53482e2a912f2f931a
79acc0a0fde9cee25688b40c6a87f019de070e01
bba453b8e9837dd91d12a46f832f7d2fad1220c29a86ec5f2453fd224bfc2e80

HTTP Headers

POST /s/gts1p5/Y51sqwKdZ10 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.212.170.166

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.212.170.166:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xxb8O0nHFLYjDR/HDiuqQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ccA/wW2Mgu+Tu2lpC7Rtm8YKb+I=

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.24.14

200 OK

5.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:56 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3459354
expires: Mon, 22 Jan 2024 03:34:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sFDaO5ZLE6dZYCdv14SiIIHTxLeuxkY4mipfNM3xfysbfJMomtVty0nQyYU1GuZqzrYE4ifLF%2B24omXNdYl8%2FPq9me0luiYCr%2BX5EXeNoL3vZ1Xm%2BMuEQ9AcL4aOjm0pdaxKth5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7927a2583dfb0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10752
Expires: Wed, 01 Feb 2023 06:34:08 GMT
Date: Wed, 01 Feb 2023 03:34:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8542 bytes)
Hash
85cde231b700eec450e0611b97742a43
c2c6279d74efdcceb319d6943cbcb9d1d1b686ca
d52297e17f93932aa7c99ae734d4b68f3b9b09b9938db95ecc96bac9f3bb588c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8542
x-amzn-requestid: ad485963-7e2e-410d-ad1c-6386fb738f18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaVHXcoAMFuhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-12d7e4502d1fc1511b6f2260;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rC264m8TiZxhRlRlGWDTLZY35P1iIQMwBsfaz6gBVgQEZapoCU2PBg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:20 GMT
age: 21156
etag: "c2c6279d74efdcceb319d6943cbcb9d1d1b686ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15857 bytes)
Hash
4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 07:27:38 GMT
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
age: 72438
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15656 bytes)
Hash
a4392f298c9e98515493f1235810838f
b89eebf2b8adac69487262100b07da8bc171ecf7
b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15656
x-amzn-requestid: 6723d22f-8b16-4fb2-af92-9b3257fc2a1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIHpRoAMFRYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-03b1c6646f63ba716a6298e1;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI_26DHcHAlPCmTjye1fME6LZ-P77thSz8OXLtyxZS2613uv0SAH7Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 07:26:49 GMT
age: 72487
etag: "b89eebf2b8adac69487262100b07da8bc171ecf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14809 bytes)
Hash
1ad49e3ca0f9935c7ff8f922039e5864
6382ee41cb26e42293e1ba5d9f0d3af64ddb672c
7a838e4e1aff60581fbf939920955ea67dae8fb3fa4e31572787c773404d071e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14809
x-amzn-requestid: fc920367-4bb1-40fd-9f1d-1d50b27cfc77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaXEQEoAMF3Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-0f70e0252fc3a3e5248bb372;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _DJyuRqSNr1URN__l7CCcUxBQIxKze2Uyo-BwQzSahrJCvFJcT8w1w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:21 GMT
age: 21155
etag: "6382ee41cb26e42293e1ba5d9f0d3af64ddb672c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8415 bytes)
Hash
6544847aa1270cea1c780e4ee562f2a2
7be75a9f2e5f9e945f60a20a5da70849ad32f72d
d820b25b833d644358c0d9d5a3dc05817770095c06a098a6fc8ed9b7230c80e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8415
x-amzn-requestid: 0d44aaae-d472-410f-9438-7527da366b10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCuGHRqoAMFxeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e4c0-7e7330ab2de5c1ba3e87df4b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:15:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fr2OB2bcdPtbbHXp2z2l7duVX--MbbazfFJAh_V7qqUMMFEme5bRpw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 06:46:28 GMT
age: 74908
etag: "7be75a9f2e5f9e945f60a20a5da70849ad32f72d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75e9c06f-eac8-447e-904f-1b0cf0521126.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7806 bytes)
Hash
87a825fd1273ebc211a58aea9ec50339
752e7b3bd92cb7e4be4c221dd7a9ad5edb684269
b6e26537647368313da1ad97f0e49204fb04c624ed6d6be083c05db4787f5497

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75e9c06f-eac8-447e-904f-1b0cf0521126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7806
x-amzn-requestid: b8068d9d-4d56-447a-b1f0-e72428875fac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflmiFnJoAMFpGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c90-26c132b471c6df2f371b1da3;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:13:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MotWwbdPt9slf0LdfmmlNVM7-X4iSjjNyd5_lcLaxGMVho8Wq4eRBg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 08:50:38 GMT
age: 67458
etag: "752e7b3bd92cb7e4be4c221dd7a9ad5edb684269"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

151.101.66.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1459 bytes)
Hash
f93793d4aabea917afa4a27fb1cb00cd
6573441944d39106b2669c60e92ba055610d21fd
240fa48a472669b1f88939cdeb0457ee32a453a90d855045824c5c7a3037847c

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 00:38:38 GMT
ETag: "6573441944d39106b2669c60e92ba055610d21fd"
Last-Modified: Wed, 01 Feb 2023 00:38:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 01 Feb 2023 03:34:58 GMT
Age: 2662
X-Served-By: cache-qpg1232-QPG, cache-bma1669-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 28, 0
X-Timer: S1675222498.153803,VS0,VE385

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 03:34:58 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=115305
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675222498
Via: cache20.l2de2[4,4,200-0,M], cache20.l2de2[5,0], cache4.se1[26,26,200-0,M], cache4.se1[27,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816752224988365786e

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 03:34:58 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=115305
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675222498
Via: cache8.l2de2[4,3,200-0,M], cache8.l2de2[6,0], cache1.se1[28,28,200-0,M], cache1.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516752224988356590e

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 03:34:58 GMT
Ali-Swift-Global-Savetime: 1675222498
Via: cache20.l2de2[6,6,200-0,M], cache20.l2de2[7,0], cache7.se1[29,29,200-0,M], cache7.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16752224988367124e

cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css

101.33.10.108

200 OK

21 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20706 bytes)
Hash
16856c0e112045ee8f444e00bc3cb732
fe8651b02063981af4a12786d2f0a94b3ee63053
d774f07a90d5b99872198c0a892f8d722a734bd78c8d553e5299db8d628938c6

HTTP Headers

GET /oversea_web/static/css/media-f6bc833bbb.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: text/css
content-length: 20706
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Fri, 02 Apr 2021 11:54:18 GMT
content-encoding: gzip
x-nws-log-uuid: e73ad86f-70ff-4bf7-8d09-ffdfe022146a
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css

101.33.10.108

200 OK

36 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
ASCII text, with very long lines (65536), with no line terminators
Size
36 kB (36202 bytes)
Hash
de38e9ea125cb741d20e2931dd1a4688
a02d6429a26cda558582bace903abcc4281b433e
9e5caa5a21f6440a822e11a2df244f50d833e23e4fd1bfe4d99f1b819cf69616

HTTP Headers

GET /oversea_web/static/css/vendor-87839280b2.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: text/css
content-length: 36202
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Thu, 01 Apr 2021 02:25:50 GMT
content-encoding: gzip
x-nws-log-uuid: 2d51831d-7580-4f34-ac20-e184cd02071e
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css

101.33.10.108

200 OK

3.1 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
ASCII text, with very long lines (17999), with no line terminators
Size
3.1 kB (3106 bytes)
Hash
053c2bfc207a143e1eda8dfe42fcbaca
922c6d61943ce7826a64cf30b6876a2edf5edf6a
31bf5fce5aa7dc1c21608e8179bb580765270e8bd86de5482ba8a4aee7cc0ba6

HTTP Headers

GET /oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: text/css
content-length: 3106
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Thu, 08 Apr 2021 09:43:27 GMT
content-encoding: gzip
x-nws-log-uuid: fa09daeb-483c-4c53-af08-bd4bff1195ae
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2

3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js

203.205.136.105

200 OK

64 kB

URL HTTP/2
3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js
IP
203.205.136.105:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
Unicode text, UTF-8 text, with very long lines (47403), with NEL line terminators
Size
64 kB (64381 bytes)
Hash
8a34837795e4cdec2c6c73a4552ff290
a62522ee006fdb198bb896c43c3cb5b7bfc42dc8
b209750403ec33d58f44da1b1cd11625f4a38aef97d438c7bc0e4683ee4f873d

HTTP Headers

GET /tele_safe/static/tfg/pc/tfg.v1.0.18.js HTTP/1.1
Host: 3gimg.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "9766758ab4540071f60a1dcde343d4e2d382b02e"
date: Sat, 28 Jan 2023 09:20:46 GMT
content-type: application/javascript
ip: 0.0.0.0
server: TencentCOS
x-cos-storage-class: STANDARD_IA
x-cos-hash-crc64ecma: 13594462328696689996
x-cos-object-type: normal
access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-headers: *
accept-ranges: bytes
last-modified: Sat, 09 Apr 2022 02:31:37 GMT
content-encoding: gzip
content-length: 64381
x-nws-log-uuid: 3129989985077550419
x-cache-lookup: Cache Hit, Hit From Inner Cluster
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js

101.33.10.108

200 OK

92 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
ASCII text, with very long lines (32077)
Size
92 kB (92388 bytes)
Hash
952643514d71972f6df35e4b8e8482fb
b0ac29d75ac0835e4e30810942558d9b1562966f
cf6214a3a22e442208e57b7ae26a0f5bab6b941aa7d4d15eca703f02b8e0fd9a

HTTP Headers

GET /oversea_web/static/js/production.midas.runtime.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 92388
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Tue, 31 Jan 2023 10:12:39 GMT
content-encoding: gzip
x-nws-log-uuid: 91518048-8a44-413c-a40d-c7ab8fdd763d
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/images/apps/pubgm/guide002.png

101.33.10.108

200 OK

448 kB

URL HTTP/2
cdn.midasbuy.com/images/apps/pubgm/guide002.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 1338 x 750, 8-bit colormap, non-interlaced\012- data
Size
448 kB (448284 bytes)
Hash
597f725d1acdadf8ac263021465ed51b
47d931fbbf164780a8a71cdfd9d3cb53b5ca583a
46101013f8555231d5e1e2bb9b09c402a334d29323094101d6caff277afd5c31

HTTP Headers

GET /images/apps/pubgm/guide002.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: image/png
content-length: 448284
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Wed, 01 Dec 2021 10:12:19 GMT
x-nws-log-uuid: 7270e57e-1369-4112-bfc7-16e3dbb4db8e
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js

101.33.10.108

200 OK

48 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
Unicode text, UTF-8 text, with very long lines (65487), with no line terminators
Size
48 kB (47711 bytes)
Hash
1ad01901b3fbfd646fcccee0a421a506
f03614a96dd6dfce69dfdee3b60b9872f9caf5e6
f1f3e3835d75d07a242dd39f889e5c2e2ce66b1f566e17fdb632f5eb2979e688

HTTP Headers

GET /oversea_web/static/js/buypage.052bbaf6.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 47711
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Wed, 10 Mar 2021 08:45:21 GMT
content-encoding: gzip
x-nws-log-uuid: 9b60ad8c-681e-4efc-8d4e-3c26ebe46988
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 03:34:59 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=115304
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675222499
Via: cache9.l2de2[465,464,200-0,M], cache9.l2de2[465,0], cache3.se1[486,486,200-0,M], cache3.se1[487,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:59 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716752224988334702e

cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js

101.33.10.108

200 OK

19 kB

URL HTTP/2
cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
data
Size
19 kB (18940 bytes)
Hash
a3b2cf6cabef87509597419b4209f705
c81b2fe2cad2901dc967220505f6d633bdd1e22b
5db724dca089dc2e36974b4398d2209ba0a84e8b5e1b1d2af6f23d2e504a5dda

HTTP Headers

GET /h5/overseah5/js/midas-oversea-h5page.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 11963
cache-control: max-age=259200
expires: Sat, 04 Feb 2023 03:34:58 GMT
last-modified: Thu, 05 Jan 2023 09:24:23 GMT
content-encoding: gzip
x-nws-log-uuid: 766538bb-e7cc-4bf7-aeef-8df50b0a72ff
x-cache-lookup: Hit From MemCache Gz
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js

101.33.10.108

200 OK

18 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
Unicode text, UTF-8 text, with very long lines (46187), with NEL line terminators
Size
18 kB (18232 bytes)
Hash
493a3307cf580b5a836d2baf8e0dcd87
b0e5683b251c38060f2086e1abb0204071000375
144a3f1bae789f0a2cc849f82979d5621429eb3a91f18ba6d5aeb8d53e21d4d8

HTTP Headers

GET /oversea_web/static/js/header.bbcf2110.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 18232
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Wed, 10 Mar 2021 08:45:22 GMT
content-encoding: gzip
x-nws-log-uuid: e26c6f8f-81c8-4080-b630-3d4bee0f7626
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
b19bb0c76ca5238a19af8774bf37af92
95d108285c2c9e4e6336a6a1ed5815a622dea92e
6f127d04a9b0f5af355935f4454e13f94072987e094edc1a0c7829b9b0beaa76

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 03:34:59 GMT
Ali-Swift-Global-Savetime: 1675222499
Via: cache10.l2de2[4,4,200-0,M], cache10.l2de2[5,0], cache4.se1[26,26,200-0,M], cache4.se1[27,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:59 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816752224999316091e

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 03:35:00 GMT
Ali-Swift-Global-Savetime: 1675222500
Via: cache25.l2de2[1399,1398,200-0,M], cache25.l2de2[1400,0], cache5.se1[1420,1420,200-0,M], cache5.se1[1422,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:35:00 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916752224988346876e

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.11.207

200 OK

77 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
77 kB (77083 bytes)
Hash
0ddeb754ad36af0d4a13c17e226141ef
a0e9287e25d4e1684a0ac4373960942f73dd9a9c
56b9499cbce54062bc05948a4d311285c44cddf2e1da678c1eafb85bef26ce4f

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 23332832
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7927a2536c8fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png

43.152.56.96

200 OK

396 B

URL HTTP/2
www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
IP
43.152.56.96:0
ASN
#139341 ACE

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
396 B (396 bytes)
Hash
fe283af4d8973303b3c88122f5de5aa3
d90f66de4a3f4bc3da8965bcdfdc9185f6103bcf
a71399ae5345a2a9e04ebc66f0a50a7703264858632fa3f6bd7efc6a31c05af5

HTTP Headers

GET /oversea_web/static/images/big-new-close-icon.png HTTP/1.1
Host: www.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 19 May 2020 08:36:36 GMT
content-encoding: gzip
etag: "5ec39a94-175"
server: nginx
date: Thu, 30 Jun 2022 06:20:40 GMT
content-type: image/png
expires: Sat, 30 Jul 2022 06:20:40 GMT
cache-control: max-age=2592000
content-length: 396
accept-ranges: bytes
eo-log-uuid: 4289442383508508456
eo-cache-status: HIT
X-Firefox-Spdy: h2

www.midasbuy.com/oversea_web/static/images/pc-logo.png

43.152.56.96

200 OK

5.4 kB

URL HTTP/2
www.midasbuy.com/oversea_web/static/images/pc-logo.png
IP
43.152.56.96:0
ASN
#139341 ACE

File type
PNG image data, 442 x 88, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5426 bytes)
Hash
d4b222d824ad52cd77c1eb76e96b77dd
81ed6d1d6f885d529f30add9e76e1dec27d61757
c96e7ada49314f46576365e190183fefabdcdbbf7737b648a7b36f4aa6b46444

HTTP Headers

GET /oversea_web/static/images/pc-logo.png HTTP/1.1
Host: www.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 18 Oct 2019 06:55:12 GMT
content-encoding: gzip
etag: "5da961d0-151b"
server: nginx
date: Thu, 30 Jun 2022 06:20:40 GMT
content-type: image/png
expires: Sat, 30 Jul 2022 06:20:40 GMT
cache-control: max-age=2592000
content-length: 5426
accept-ranges: bytes
eo-log-uuid: 841938056290712245
eo-cache-status: HIT
X-Firefox-Spdy: h2

i.ibb.co/V9rgBqw/twitter-text.png

162.19.58.156

200 OK

4.3 kB

URL HTTP/2
i.ibb.co/V9rgBqw/twitter-text.png
IP
162.19.58.156:0
ASN
#16276 OVH SAS

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/Wg8qQxh/facebook-text.png

162.19.58.156

200 OK

29 kB

URL HTTP/2
i.ibb.co/Wg8qQxh/facebook-text.png
IP
162.19.58.156:0
ASN
#16276 OVH SAS

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/28sztvcd/season-Token.png

162.19.88.69

200 OK

30 kB

URL HTTP/2
i.postimg.cc/28sztvcd/season-Token.png
IP
162.19.88.69:0
ASN
#16276 OVH SAS

File type
PNG image data, 135 x 130, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (29942 bytes)
Hash
d02c9d4d558a113e2aebd45c7d8237dc
edd72f80a319adf3fec2f3f061c1b82d6bf59aa7
7fb8131422bba9cda088005359870721b090dcd043d3cea030367be68c6328a6

HTTP Headers

GET /28sztvcd/season-Token.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/png
content-length: 29942
last-modified: Sun, 03 Jul 2022 09:35:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/images/M19-1920x240.22e16422.jpg

101.33.10.108

200 OK

209 kB

URL HTTP/2
cdn.midasbuy.com/images/M19-1920x240.22e16422.jpg
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
JPEG image data, baseline, precision 8, 1920x240, components 3\012- data
Size
209 kB (209426 bytes)
Hash
22e164220ff037d248962b7c5d63d540
c936e9106ca578d2169303bae598903a985ffa78
e997b83d3adb675fdba866c19f2da95876dc737467d76287e81dedd1b2aeaf6c

HTTP Headers

GET /images/M19-1920x240.22e16422.jpg HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/jpeg
content-length: 209426
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:00 GMT
last-modified: Wed, 11 Jan 2023 08:47:45 GMT
x-nws-log-uuid: f7eda1d0-7572-4f77-a375-dfb1c88ee8ae
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png

101.33.10.108

200 OK

2.4 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2407 bytes)
Hash
eade39686c453acaf33a01a6e36268fc
ce7fb98da8caaa54fe9d73dec432dd45835aa70d
528ec4ee6f56ace1dd9c394fa067175b7192828bc3b68e264e7494448f31b27e

HTTP Headers

GET /oversea_web/static/images/pc-fb-eade39686c.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 2407
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
x-nws-log-uuid: aec804b5-d200-42be-ace2-2849ebebeb10
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

pufflam.alphagg7.cyou/

104.21.40.28

200 OK

41 kB

URL HTTP/2
pufflam.alphagg7.cyou/
IP
104.21.40.28:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (437), with CRLF line terminators
Size
41 kB (41355 bytes)
Hash
068d8babe6ee79bf611ead97f71680da
98bfca7c473f9e9152822c445a9dd85f703ac377
537702ce0ea87bf3ca1a85885632858f69e3fee25611141ec7eb2d61f34e38bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pufflam.alphagg7.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXJmnDyG7XLmpD6n4mPUKcFpwRS90W53zt66S8esoVkliQzsn68zuE41L7jtXNWM6OGH%2FmZgnSlFbGw8rIuSBbsnYR5t09kszlS1qZ8n1slvFPNI2BRRL08gKJ6UgOAmLHTXv%2F6HUmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7927a2547a41b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png

101.33.10.108

200 OK

5.4 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 442 x 88, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5403 bytes)
Hash
5f404ea4792424375fa4b16a520555ed
8a3e448779780a80af9adc5081e4fa793e51f436
607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985

HTTP Headers

GET /oversea_web/static/images/pc-logo-5f404ea479.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 5403
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
x-nws-log-uuid: 1b4d738d-c103-43c1-aa24-9ba13683b10c
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png

101.33.10.108

200 OK

6.3 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 160 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
6.3 kB (6303 bytes)
Hash
6a7af30a7db00d745c395f37234ecb68
0094e6e517c0fb4d166372df84b0b39ae53a262f
0909bf522ff7dc29fa8915273ff58051a142650fc1dd72616d441da6bcf8a4d0

HTTP Headers

GET /oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 6303
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:17 GMT
x-nws-log-uuid: 2d245b83-3044-4e50-b2cf-f5b1d9aa24ad
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg

101.33.10.108

200 OK

615 B

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Size
615 B (615 bytes)
Hash
0f7ecf2cddefd1c786fd11e60a3f183a
59911a60b5049a6d980646cc27b24fde94d0763f
362a7ee07b4a9bf9f2ce90cf4de3ed1535b38c0a2d55c8db4c921c068d46f313

HTTP Headers

GET /oversea_web/static/images/list-active-new-0f7ecf2cdd.svg HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/svg+xml
content-length: 615
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:31 GMT
x-nws-log-uuid: 2d1d9f20-6922-4d08-8861-995b5b69a8f0
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png

101.33.10.108

200 OK

114 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 326 x 480, 8-bit/color RGBA, non-interlaced\012- data
Size
114 kB (113890 bytes)
Hash
c8325e2e0e5cde4df1581a63800f7086
8219f8045bb6441c7b8fdb92c94595c7327918c0
9b66bc540c283d4587d4bd6df50a100bf1f18158655e24234f103f0bc419e9e3

HTTP Headers

GET /oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 113890
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
x-nws-log-uuid: b633c98b-0d87-4080-90e1-c430d470ad56
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png

101.33.10.108

200 OK

46 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 326 x 480, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (45735 bytes)
Hash
097257145b436869d2c0978b4cdd3454
d486c55eb3764f83f22550d72b0b932c8812826a
1c27de241af0b7402928d9d99af6288c1570d31a781dd0637a35fa51d8b7088b

HTTP Headers

GET /oversea_web/static/images/codmicon/card-bg-097257145b.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 45735
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
x-nws-log-uuid: da3c3c6c-b549-4ce9-814d-6fd3835e6857
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=3
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png

101.33.10.108

200 OK

360 B

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
360 B (360 bytes)
Hash
54d438045f0281be67ce99d4961caa5e
c862dda6d99691930cba1d401629e31358cadb52
a521b418fd37d48c7a770e7c9438bf56c8a564df2ae8a77c60865f0614361ec7

HTTP Headers

GET /oversea_web/static/images/arrow-icon-54d438045f.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 360
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:08 GMT
x-nws-log-uuid: 3c641fd8-ed82-4876-b661-4ccc090885b6
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png

101.33.10.108

200 OK

1.3 kB

URL HTTP/2
cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png
IP
101.33.10.108:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
PNG image data, 20 x 16, 8-bit/color RGBA, interlaced\012- data
Size
1.3 kB (1272 bytes)
Hash
d5219efc94471d4bb43fc126151b89ed
ee8a891c098f366da2d881851c35e322fcc91865
62a6940b8ff01e27be4e854346e4f734bed11d64c1378b70b30f0385c645a575

HTTP Headers

GET /oversea_web/static/images/feedback-icon-d5219efc94.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 1272
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:27 GMT
x-nws-log-uuid: 907cc1d0-8925-4728-a8d6-46467981efd0
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2

midas.gtimg.cn/oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg

23.32.89.241

200 OK

22 kB

URL HTTP/2
midas.gtimg.cn/oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg
IP
23.32.89.241:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2040, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3471], baseline, precision 8, 22x13, components 3\012- data
Size
22 kB (21503 bytes)
Hash
2556fe97306bdec1268d8b8a935b56c5
921f418284527e287e00fd4223595db666b227a1
3dd04893dcf4fb0b4eabdc3a2d5bec009f6a81d3ee066501ed1cdda9705c9cd8

HTTP Headers

GET /oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg HTTP/1.1
Host: midas.gtimg.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: X2S_Platform
x-nws-log-uuid: be4b9aa5-53c2-43f6-9c8d-256db6d1f82e
server_ip: 203.205.136.85
last-modified: Wed, 17 Jul 2019 09:21:05 GMT
x-cache-lookup: Hit From Upstream
content-type: image/jpeg
content-length: 21503
x-verify-code: a965555672a45e97857023b2cfaec129
x-nws-uuid-verify: 018920d605788ea8298abdc5d655cde0
x-daa-tunnel: hop_count=1
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:02 GMT
date: Wed, 01 Feb 2023 03:35:02 GMT
X-Firefox-Spdy: h2

www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg

23.36.76.250

200 OK

75 kB

URL HTTP/2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP
23.36.76.250:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size
75 kB (75149 bytes)
Hash
92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

HTTP Headers

GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=300
expires: Wed, 01 Feb 2023 03:40:02 GMT
date: Wed, 01 Feb 2023 03:35:02 GMT
X-Firefox-Spdy: h2

report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521379|6=1675222521379|29=0404447576727409831615827099757&rr=0.9549230023733852

211.152.136.86

200 OK

463 B

URL HTTP/2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521379|6=1675222521379|29=0404447576727409831615827099757&rr=0.9549230023733852
IP
211.152.136.86:0
ASN
#139341 ACE

File type
data
Size
463 B (463 bytes)
Hash
f60ccdf9b658445e8a8e7e0286a042ad
bbb7cdf4de9a09911e75230096b870cdce9131b5
f644d6591fcc9e2754c42c8c82289a251c3fe47fc27a1fafd53904d81b3eb21b

HTTP Headers

GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521379|6=1675222521379|29=0404447576727409831615827099757&rr=0.9549230023733852 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:35:03 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 6356624538204940703
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2

report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.6334734515655998

211.152.136.86

200 OK

29 B

URL HTTP/2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.6334734515655998
IP
211.152.136.86:0
ASN
#139341 ACE

File type
JSON data\012- , ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae

HTTP Headers

GET /cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.6334734515655998 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:35:03 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 659855397733652164
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2

report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521468|6=1675222521468|29=0404447576727409831615827099757&rr=0.9797437526555267

211.152.136.86

200 OK

29 B

URL HTTP/2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521468|6=1675222521468|29=0404447576727409831615827099757&rr=0.9797437526555267
IP
211.152.136.86:0
ASN
#139341 ACE

File type
JSON data\012- , ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae

HTTP Headers

GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521468|6=1675222521468|29=0404447576727409831615827099757&rr=0.9797437526555267 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:35:03 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 13170864836470097446
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2

midasbuyreward.com/

172.67.161.34

200 OK

0 B

URL HTTP/2
midasbuyreward.com/
IP
172.67.161.34:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Tencent
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: midasbuyreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hilawBD8f5VARFoXMcCo%2Bg7qWXvhvd9%2Bmiu%2FWHWSFhB79TBoCV2c3uRPGaZWFsR%2FvvAWRdwEOAehkg5yS9tO9bH4%2BOtMD801q%2F3sbfcruz0F%2BBw18Z3WnMtPMUm0oEWWdSA%2Bzsg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7927a2503b7dfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20671980
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7927a2537c91b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML