midasbuyreward.com/
104.21.9.174301 Moved Permanently 0 B IP 104.21.9.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: midasbuyreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 03:34:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 01 Feb 2023 04:34:54 GMT
Location: https://midasbuyreward.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=341MMxa5wwXJiXh4s%2BerG%2BNMoQUoWZwF%2FaymgcwNlS1WaPAxFu%2F2t1nuquxfmx54AmD3LJVriq%2FZqJPCqPLuTcJ031B5Fuhz3KH89HHwXNsN%2FmBZTAwNGriHHl8sSm3xOF%2BmCxE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7927a24cbc65b4f3-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13629
Expires: Wed, 01 Feb 2023 07:22:03 GMT
Date: Wed, 01 Feb 2023 03:34:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6999
Expires: Wed, 01 Feb 2023 05:31:33 GMT
Date: Wed, 01 Feb 2023 03:34:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 02:43:23 GMT
content-type: application/json
age: 3091
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Wed, 01 Feb 2023 06:22:50 GMT
Date: Wed, 01 Feb 2023 03:34:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ci0IXVvqeOe1L12MdEDsHAvBCuBkuzMJ93PAmLthg2FWYw28snMF2jZj4EDh1/NjW9ByOVQeggI=
x-amz-request-id: 95DV2JX4H2YPH4K3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 02:51:24 GMT
age: 2610
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:34:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
IP 142.250.74.131:0
Hash 986417728c4fdf53482e2a912f2f931a
79acc0a0fde9cee25688b40c6a87f019de070e01
bba453b8e9837dd91d12a46f832f7d2fad1220c29a86ec5f2453fd224bfc2e80
POST /s/gts1p5/Y51sqwKdZ10 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 02:49:04 GMT
age: 2750
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14210
Expires: Wed, 01 Feb 2023 07:31:45 GMT
Date: Wed, 01 Feb 2023 03:34:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6395
Cache-Control: max-age=90042
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 04:35:37 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=86884
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 03:42:59 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6395
Cache-Control: max-age=90042
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 04:35:37 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
142.250.74.42200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32030)
Hash 04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:43:24 GMT
expires: Tue, 30 Jan 2024 18:43:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 118291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Y51sqwKdZ10
IP 142.250.74.131:0
Hash 986417728c4fdf53482e2a912f2f931a
79acc0a0fde9cee25688b40c6a87f019de070e01
bba453b8e9837dd91d12a46f832f7d2fad1220c29a86ec5f2453fd224bfc2e80
POST /s/gts1p5/Y51sqwKdZ10 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 03:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.212.170.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.212.170.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xxb8O0nHFLYjDR/HDiuqQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ccA/wW2Mgu+Tu2lpC7Rtm8YKb+I=
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:56 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3459354
expires: Mon, 22 Jan 2024 03:34:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sFDaO5ZLE6dZYCdv14SiIIHTxLeuxkY4mipfNM3xfysbfJMomtVty0nQyYU1GuZqzrYE4ifLF%2B24omXNdYl8%2FPq9me0luiYCr%2BX5EXeNoL3vZ1Xm%2BMuEQ9AcL4aOjm0pdaxKth5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7927a2583dfb0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10752
Expires: Wed, 01 Feb 2023 06:34:08 GMT
Date: Wed, 01 Feb 2023 03:34:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85cde231b700eec450e0611b97742a43
c2c6279d74efdcceb319d6943cbcb9d1d1b686ca
d52297e17f93932aa7c99ae734d4b68f3b9b09b9938db95ecc96bac9f3bb588c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8542
x-amzn-requestid: ad485963-7e2e-410d-ad1c-6386fb738f18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaVHXcoAMFuhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-12d7e4502d1fc1511b6f2260;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rC264m8TiZxhRlRlGWDTLZY35P1iIQMwBsfaz6gBVgQEZapoCU2PBg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:20 GMT
age: 21156
etag: "c2c6279d74efdcceb319d6943cbcb9d1d1b686ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 07:27:38 GMT
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
age: 72438
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4392f298c9e98515493f1235810838f
b89eebf2b8adac69487262100b07da8bc171ecf7
b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15656
x-amzn-requestid: 6723d22f-8b16-4fb2-af92-9b3257fc2a1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIHpRoAMFRYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-03b1c6646f63ba716a6298e1;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI_26DHcHAlPCmTjye1fME6LZ-P77thSz8OXLtyxZS2613uv0SAH7Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 07:26:49 GMT
age: 72487
etag: "b89eebf2b8adac69487262100b07da8bc171ecf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ad49e3ca0f9935c7ff8f922039e5864
6382ee41cb26e42293e1ba5d9f0d3af64ddb672c
7a838e4e1aff60581fbf939920955ea67dae8fb3fa4e31572787c773404d071e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14809
x-amzn-requestid: fc920367-4bb1-40fd-9f1d-1d50b27cfc77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaXEQEoAMF3Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-0f70e0252fc3a3e5248bb372;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _DJyuRqSNr1URN__l7CCcUxBQIxKze2Uyo-BwQzSahrJCvFJcT8w1w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:21 GMT
age: 21155
etag: "6382ee41cb26e42293e1ba5d9f0d3af64ddb672c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6544847aa1270cea1c780e4ee562f2a2
7be75a9f2e5f9e945f60a20a5da70849ad32f72d
d820b25b833d644358c0d9d5a3dc05817770095c06a098a6fc8ed9b7230c80e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8415
x-amzn-requestid: 0d44aaae-d472-410f-9438-7527da366b10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCuGHRqoAMFxeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e4c0-7e7330ab2de5c1ba3e87df4b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:15:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fr2OB2bcdPtbbHXp2z2l7duVX--MbbazfFJAh_V7qqUMMFEme5bRpw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 06:46:28 GMT
age: 74908
etag: "7be75a9f2e5f9e945f60a20a5da70849ad32f72d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75e9c06f-eac8-447e-904f-1b0cf0521126.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75e9c06f-eac8-447e-904f-1b0cf0521126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87a825fd1273ebc211a58aea9ec50339
752e7b3bd92cb7e4be4c221dd7a9ad5edb684269
b6e26537647368313da1ad97f0e49204fb04c624ed6d6be083c05db4787f5497
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75e9c06f-eac8-447e-904f-1b0cf0521126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7806
x-amzn-requestid: b8068d9d-4d56-447a-b1f0-e72428875fac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflmiFnJoAMFpGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c90-26c132b471c6df2f371b1da3;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:13:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MotWwbdPt9slf0LdfmmlNVM7-X4iSjjNyd5_lcLaxGMVho8Wq4eRBg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 08:50:38 GMT
age: 67458
etag: "752e7b3bd92cb7e4be4c221dd7a9ad5edb684269"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
151.101.66.133200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 151.101.66.133:0
Hash f93793d4aabea917afa4a27fb1cb00cd
6573441944d39106b2669c60e92ba055610d21fd
240fa48a472669b1f88939cdeb0457ee32a453a90d855045824c5c7a3037847c
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1459
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 05 Feb 2023 00:38:38 GMT
ETag: "6573441944d39106b2669c60e92ba055610d21fd"
Last-Modified: Wed, 01 Feb 2023 00:38:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 01 Feb 2023 03:34:58 GMT
Age: 2662
X-Served-By: cache-qpg1232-QPG, cache-bma1669-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 28, 0
X-Timer: S1675222498.153803,VS0,VE385
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 03:34:58 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=115305
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675222498
Via: cache20.l2de2[4,4,200-0,M], cache20.l2de2[5,0], cache4.se1[26,26,200-0,M], cache4.se1[27,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816752224988365786e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 03:34:58 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=115305
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675222498
Via: cache8.l2de2[4,3,200-0,M], cache8.l2de2[6,0], cache1.se1[28,28,200-0,M], cache1.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9516752224988356590e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 03:34:58 GMT
Ali-Swift-Global-Savetime: 1675222498
Via: cache20.l2de2[6,6,200-0,M], cache20.l2de2[7,0], cache7.se1[29,29,200-0,M], cache7.se1[30,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:58 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16752224988367124e
cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css
101.33.10.108200 OK 21 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/css/media-f6bc833bbb.html.css
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (65536), with no line terminators
Hash 16856c0e112045ee8f444e00bc3cb732
fe8651b02063981af4a12786d2f0a94b3ee63053
d774f07a90d5b99872198c0a892f8d722a734bd78c8d553e5299db8d628938c6
GET /oversea_web/static/css/media-f6bc833bbb.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: text/css
content-length: 20706
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Fri, 02 Apr 2021 11:54:18 GMT
content-encoding: gzip
x-nws-log-uuid: e73ad86f-70ff-4bf7-8d09-ffdfe022146a
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
101.33.10.108200 OK 36 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (65536), with no line terminators
Hash de38e9ea125cb741d20e2931dd1a4688
a02d6429a26cda558582bace903abcc4281b433e
9e5caa5a21f6440a822e11a2df244f50d833e23e4fd1bfe4d99f1b819cf69616
GET /oversea_web/static/css/vendor-87839280b2.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: text/css
content-length: 36202
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Thu, 01 Apr 2021 02:25:50 GMT
content-encoding: gzip
x-nws-log-uuid: 2d51831d-7580-4f34-ac20-e184cd02071e
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
101.33.10.108200 OK 3.1 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (17999), with no line terminators
Hash 053c2bfc207a143e1eda8dfe42fcbaca
922c6d61943ce7826a64cf30b6876a2edf5edf6a
31bf5fce5aa7dc1c21608e8179bb580765270e8bd86de5482ba8a4aee7cc0ba6
GET /oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: text/css
content-length: 3106
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Thu, 08 Apr 2021 09:43:27 GMT
content-encoding: gzip
x-nws-log-uuid: fa09daeb-483c-4c53-af08-bd4bff1195ae
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js
203.205.136.105200 OK 64 kB URL HTTP/2 3gimg.qq.com/tele_safe/static/tfg/pc/tfg.v1.0.18.js
IP 203.205.136.105:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type Unicode text, UTF-8 text, with very long lines (47403), with NEL line terminators
Hash 8a34837795e4cdec2c6c73a4552ff290
a62522ee006fdb198bb896c43c3cb5b7bfc42dc8
b209750403ec33d58f44da1b1cd11625f4a38aef97d438c7bc0e4683ee4f873d
GET /tele_safe/static/tfg/pc/tfg.v1.0.18.js HTTP/1.1
Host: 3gimg.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "9766758ab4540071f60a1dcde343d4e2d382b02e"
date: Sat, 28 Jan 2023 09:20:46 GMT
content-type: application/javascript
ip: 0.0.0.0
server: TencentCOS
x-cos-storage-class: STANDARD_IA
x-cos-hash-crc64ecma: 13594462328696689996
x-cos-object-type: normal
access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-headers: *
accept-ranges: bytes
last-modified: Sat, 09 Apr 2022 02:31:37 GMT
content-encoding: gzip
content-length: 64381
x-nws-log-uuid: 3129989985077550419
x-cache-lookup: Cache Hit, Hit From Inner Cluster
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js
101.33.10.108200 OK 92 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/js/production.midas.runtime.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type ASCII text, with very long lines (32077)
Hash 952643514d71972f6df35e4b8e8482fb
b0ac29d75ac0835e4e30810942558d9b1562966f
cf6214a3a22e442208e57b7ae26a0f5bab6b941aa7d4d15eca703f02b8e0fd9a
GET /oversea_web/static/js/production.midas.runtime.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 92388
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Tue, 31 Jan 2023 10:12:39 GMT
content-encoding: gzip
x-nws-log-uuid: 91518048-8a44-413c-a40d-c7ab8fdd763d
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/apps/pubgm/guide002.png
101.33.10.108200 OK 448 kB URL HTTP/2 cdn.midasbuy.com/images/apps/pubgm/guide002.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 1338 x 750, 8-bit colormap, non-interlaced\012- data
Size 448 kB (448284 bytes)
Hash 597f725d1acdadf8ac263021465ed51b
47d931fbbf164780a8a71cdfd9d3cb53b5ca583a
46101013f8555231d5e1e2bb9b09c402a334d29323094101d6caff277afd5c31
GET /images/apps/pubgm/guide002.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: image/png
content-length: 448284
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Wed, 01 Dec 2021 10:12:19 GMT
x-nws-log-uuid: 7270e57e-1369-4112-bfc7-16e3dbb4db8e
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
101.33.10.108200 OK 48 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/js/buypage.052bbaf6.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type Unicode text, UTF-8 text, with very long lines (65487), with no line terminators
Hash 1ad01901b3fbfd646fcccee0a421a506
f03614a96dd6dfce69dfdee3b60b9872f9caf5e6
f1f3e3835d75d07a242dd39f889e5c2e2ce66b1f566e17fdb632f5eb2979e688
GET /oversea_web/static/js/buypage.052bbaf6.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 47711
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Wed, 10 Mar 2021 08:45:21 GMT
content-encoding: gzip
x-nws-log-uuid: 9b60ad8c-681e-4efc-8d4e-3c26ebe46988
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Wed, 01 Feb 2023 03:34:59 GMT
Last-Modified: Tue, 31 Jan 2023 11:36:43 GMT
ETag: "63d8fd4b-1d7"
Expires: Thu, 02 Feb 2023 11:36:43 GMT
Cache-Control: max-age=115304
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675222499
Via: cache9.l2de2[465,464,200-0,M], cache9.l2de2[465,0], cache3.se1[486,486,200-0,M], cache3.se1[487,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:59 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716752224988334702e
cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
101.33.10.108200 OK 19 kB URL HTTP/2 cdn.midasbuy.com/h5/overseah5/js/midas-oversea-h5page.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
Hash a3b2cf6cabef87509597419b4209f705
c81b2fe2cad2901dc967220505f6d633bdd1e22b
5db724dca089dc2e36974b4398d2209ba0a84e8b5e1b1d2af6f23d2e504a5dda
GET /h5/overseah5/js/midas-oversea-h5page.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 11963
cache-control: max-age=259200
expires: Sat, 04 Feb 2023 03:34:58 GMT
last-modified: Thu, 05 Jan 2023 09:24:23 GMT
content-encoding: gzip
x-nws-log-uuid: 766538bb-e7cc-4bf7-aeef-8df50b0a72ff
x-cache-lookup: Hit From MemCache Gz
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js
101.33.10.108200 OK 18 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/js/header.bbcf2110.js
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type Unicode text, UTF-8 text, with very long lines (46187), with NEL line terminators
Hash 493a3307cf580b5a836d2baf8e0dcd87
b0e5683b251c38060f2086e1abb0204071000375
144a3f1bae789f0a2cc849f82979d5621429eb3a91f18ba6d5aeb8d53e21d4d8
GET /oversea_web/static/js/header.bbcf2110.js HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:34:59 GMT
content-type: application/javascript
content-length: 18232
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:44:58 GMT
last-modified: Wed, 10 Mar 2021 08:45:22 GMT
content-encoding: gzip
x-nws-log-uuid: e26c6f8f-81c8-4080-b630-3d4bee0f7626
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash b19bb0c76ca5238a19af8774bf37af92
95d108285c2c9e4e6336a6a1ed5815a622dea92e
6f127d04a9b0f5af355935f4454e13f94072987e094edc1a0c7829b9b0beaa76
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 03:34:59 GMT
Ali-Swift-Global-Savetime: 1675222499
Via: cache10.l2de2[4,4,200-0,M], cache10.l2de2[5,0], cache4.se1[26,26,200-0,M], cache4.se1[27,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:34:59 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816752224999316091e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a17f255c11846504eae95645ff0b8b21
8b88c96dcc20943fd53bec9c0363e23043c6e7c8
6bd26232ddfa11b8ec63d1c7b962d41e09d5c08bfafed7d4a59b3860651e96cf
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 03:35:00 GMT
Ali-Swift-Global-Savetime: 1675222500
Via: cache25.l2de2[1399,1398,200-0,M], cache25.l2de2[1400,0], cache5.se1[1420,1420,200-0,M], cache5.se1[1422,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Wed, 01 Feb 2023 03:35:00 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9916752224988346876e
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.11.207200 OK 77 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (65371)
Hash 0ddeb754ad36af0d4a13c17e226141ef
a0e9287e25d4e1684a0ac4373960942f73dd9a9c
56b9499cbce54062bc05948a4d311285c44cddf2e1da678c1eafb85bef26ce4f
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 23332832
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7927a2536c8fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
43.152.56.96200 OK 396 B URL HTTP/2 www.midasbuy.com/oversea_web/static/images/big-new-close-icon.png
IP 43.152.56.96:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fe283af4d8973303b3c88122f5de5aa3
d90f66de4a3f4bc3da8965bcdfdc9185f6103bcf
a71399ae5345a2a9e04ebc66f0a50a7703264858632fa3f6bd7efc6a31c05af5
GET /oversea_web/static/images/big-new-close-icon.png HTTP/1.1
Host: www.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 May 2020 08:36:36 GMT
content-encoding: gzip
etag: "5ec39a94-175"
server: nginx
date: Thu, 30 Jun 2022 06:20:40 GMT
content-type: image/png
expires: Sat, 30 Jul 2022 06:20:40 GMT
cache-control: max-age=2592000
content-length: 396
accept-ranges: bytes
eo-log-uuid: 4289442383508508456
eo-cache-status: HIT
X-Firefox-Spdy: h2
www.midasbuy.com/oversea_web/static/images/pc-logo.png
43.152.56.96200 OK 5.4 kB URL HTTP/2 www.midasbuy.com/oversea_web/static/images/pc-logo.png
IP 43.152.56.96:0
File type PNG image data, 442 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash d4b222d824ad52cd77c1eb76e96b77dd
81ed6d1d6f885d529f30add9e76e1dec27d61757
c96e7ada49314f46576365e190183fefabdcdbbf7737b648a7b36f4aa6b46444
GET /oversea_web/static/images/pc-logo.png HTTP/1.1
Host: www.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 18 Oct 2019 06:55:12 GMT
content-encoding: gzip
etag: "5da961d0-151b"
server: nginx
date: Thu, 30 Jun 2022 06:20:40 GMT
content-type: image/png
expires: Sat, 30 Jul 2022 06:20:40 GMT
cache-control: max-age=2592000
content-length: 5426
accept-ranges: bytes
eo-log-uuid: 841938056290712245
eo-cache-status: HIT
X-Firefox-Spdy: h2
i.ibb.co/V9rgBqw/twitter-text.png
162.19.58.156200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 162.19.58.156:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/Wg8qQxh/facebook-text.png
162.19.58.156200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 162.19.58.156:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/28sztvcd/season-Token.png
162.19.88.69200 OK 30 kB URL HTTP/2 i.postimg.cc/28sztvcd/season-Token.png
IP 162.19.88.69:0
File type PNG image data, 135 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash d02c9d4d558a113e2aebd45c7d8237dc
edd72f80a319adf3fec2f3f061c1b82d6bf59aa7
7fb8131422bba9cda088005359870721b090dcd043d3cea030367be68c6328a6
GET /28sztvcd/season-Token.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/png
content-length: 29942
last-modified: Sun, 03 Jul 2022 09:35:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/M19-1920x240.22e16422.jpg
101.33.10.108200 OK 209 kB URL HTTP/2 cdn.midasbuy.com/images/M19-1920x240.22e16422.jpg
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JPEG image data, baseline, precision 8, 1920x240, components 3\012- data
Size 209 kB (209426 bytes)
Hash 22e164220ff037d248962b7c5d63d540
c936e9106ca578d2169303bae598903a985ffa78
e997b83d3adb675fdba866c19f2da95876dc737467d76287e81dedd1b2aeaf6c
GET /images/M19-1920x240.22e16422.jpg HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:01 GMT
content-type: image/jpeg
content-length: 209426
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:00 GMT
last-modified: Wed, 11 Jan 2023 08:47:45 GMT
x-nws-log-uuid: f7eda1d0-7572-4f77-a375-dfb1c88ee8ae
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png
101.33.10.108200 OK 2.4 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/pc-fb-eade39686c.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash eade39686c453acaf33a01a6e36268fc
ce7fb98da8caaa54fe9d73dec432dd45835aa70d
528ec4ee6f56ace1dd9c394fa067175b7192828bc3b68e264e7494448f31b27e
GET /oversea_web/static/images/pc-fb-eade39686c.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 2407
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
x-nws-log-uuid: aec804b5-d200-42be-ace2-2849ebebeb10
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
pufflam.alphagg7.cyou/
104.21.40.28200 OK 41 kB IP 104.21.40.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (437), with CRLF line terminators
Hash 068d8babe6ee79bf611ead97f71680da
98bfca7c473f9e9152822c445a9dd85f703ac377
537702ce0ea87bf3ca1a85885632858f69e3fee25611141ec7eb2d61f34e38bd
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pufflam.alphagg7.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXJmnDyG7XLmpD6n4mPUKcFpwRS90W53zt66S8esoVkliQzsn68zuE41L7jtXNWM6OGH%2FmZgnSlFbGw8rIuSBbsnYR5t09kszlS1qZ8n1slvFPNI2BRRL08gKJ6UgOAmLHTXv%2F6HUmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7927a2547a41b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png
101.33.10.108200 OK 5.4 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/pc-logo-5f404ea479.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 442 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f404ea4792424375fa4b16a520555ed
8a3e448779780a80af9adc5081e4fa793e51f436
607b00f0fd839eb7f8250d7c4d0c0b4a31a08b32b2b8b5cbdd9fe3125b2eb985
GET /oversea_web/static/images/pc-logo-5f404ea479.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 5403
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:35 GMT
x-nws-log-uuid: 1b4d738d-c103-43c1-aa24-9ba13683b10c
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png
101.33.10.108200 OK 6.3 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 160 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a7af30a7db00d745c395f37234ecb68
0094e6e517c0fb4d166372df84b0b39ae53a262f
0909bf522ff7dc29fa8915273ff58051a142650fc1dd72616d441da6bcf8a4d0
GET /oversea_web/static/images/codmicon/tab-actvie-6a7af30a7d.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 6303
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:17 GMT
x-nws-log-uuid: 2d245b83-3044-4e50-b2cf-f5b1d9aa24ad
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg
101.33.10.108200 OK 615 B URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/list-active-new-0f7ecf2cdd.svg
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Hash 0f7ecf2cddefd1c786fd11e60a3f183a
59911a60b5049a6d980646cc27b24fde94d0763f
362a7ee07b4a9bf9f2ce90cf4de3ed1535b38c0a2d55c8db4c921c068d46f313
GET /oversea_web/static/images/list-active-new-0f7ecf2cdd.svg HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/svg+xml
content-length: 615
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:31 GMT
x-nws-log-uuid: 2d1d9f20-6922-4d08-8861-995b5b69a8f0
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png
101.33.10.108200 OK 114 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 326 x 480, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (113890 bytes)
Hash c8325e2e0e5cde4df1581a63800f7086
8219f8045bb6441c7b8fdb92c94595c7327918c0
9b66bc540c283d4587d4bd6df50a100bf1f18158655e24234f103f0bc419e9e3
GET /oversea_web/static/images/codmicon/card-active-bg-c8325e2e0e.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 113890
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
x-nws-log-uuid: b633c98b-0d87-4080-90e1-c430d470ad56
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png
101.33.10.108200 OK 46 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/codmicon/card-bg-097257145b.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 326 x 480, 8-bit/color RGBA, non-interlaced\012- data
Hash 097257145b436869d2c0978b4cdd3454
d486c55eb3764f83f22550d72b0b932c8812826a
1c27de241af0b7402928d9d99af6288c1570d31a781dd0637a35fa51d8b7088b
GET /oversea_web/static/images/codmicon/card-bg-097257145b.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/game_recharge_ticket_new-c9585b8432.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 45735
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:14 GMT
x-nws-log-uuid: da3c3c6c-b549-4ce9-814d-6fd3835e6857
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=3
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png
101.33.10.108200 OK 360 B URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/arrow-icon-54d438045f.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 54d438045f0281be67ce99d4961caa5e
c862dda6d99691930cba1d401629e31358cadb52
a521b418fd37d48c7a770e7c9438bf56c8a564df2ae8a77c60865f0614361ec7
GET /oversea_web/static/images/arrow-icon-54d438045f.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 360
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:08 GMT
x-nws-log-uuid: 3c641fd8-ed82-4876-b661-4ccc090885b6
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png
101.33.10.108200 OK 1.3 kB URL HTTP/2 cdn.midasbuy.com/oversea_web/static/images/feedback-icon-d5219efc94.png
IP 101.33.10.108:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type PNG image data, 20 x 16, 8-bit/color RGBA, interlaced\012- data
Hash d5219efc94471d4bb43fc126151b89ed
ee8a891c098f366da2d881851c35e322fcc91865
62a6940b8ff01e27be4e854346e4f734bed11d64c1378b70b30f0385c645a575
GET /oversea_web/static/images/feedback-icon-d5219efc94.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/vendor-87839280b2.html.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Wed, 01 Feb 2023 03:35:02 GMT
content-type: image/png
content-length: 1272
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:01 GMT
last-modified: Tue, 27 Apr 2021 10:57:27 GMT
x-nws-log-uuid: 907cc1d0-8925-4728-a8d6-46467981efd0
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-daa-tunnel: hop_count=1
x-cache-lookup: Hit From Upstream, Hit From Disktank3
accept-ranges: bytes
X-Firefox-Spdy: h2
midas.gtimg.cn/oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg
23.32.89.241200 OK 22 kB URL HTTP/2 midas.gtimg.cn/oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg
IP 23.32.89.241:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2040, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3471], baseline, precision 8, 22x13, components 3\012- data
Hash 2556fe97306bdec1268d8b8a935b56c5
921f418284527e287e00fd4223595db666b227a1
3dd04893dcf4fb0b4eabdc3a2d5bec009f6a81d3ee066501ed1cdda9705c9cd8
GET /oversea_web/static/images/flag/world.2556fe97306bdec1268d8b8a935b56c5.jpg HTTP/1.1
Host: midas.gtimg.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: X2S_Platform
x-nws-log-uuid: be4b9aa5-53c2-43f6-9c8d-256db6d1f82e
server_ip: 203.205.136.85
last-modified: Wed, 17 Jul 2019 09:21:05 GMT
x-cache-lookup: Hit From Upstream
content-type: image/jpeg
content-length: 21503
x-verify-code: a965555672a45e97857023b2cfaec129
x-nws-uuid-verify: 018920d605788ea8298abdc5d655cde0
x-daa-tunnel: hop_count=1
cache-control: max-age=600
expires: Wed, 01 Feb 2023 03:45:02 GMT
date: Wed, 01 Feb 2023 03:35:02 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=300
expires: Wed, 01 Feb 2023 03:40:02 GMT
date: Wed, 01 Feb 2023 03:35:02 GMT
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521379|6=1675222521379|29=0404447576727409831615827099757&rr=0.9549230023733852
211.152.136.86200 OK 463 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521379|6=1675222521379|29=0404447576727409831615827099757&rr=0.9549230023733852
IP 211.152.136.86:0
Hash f60ccdf9b658445e8a8e7e0286a042ad
bbb7cdf4de9a09911e75230096b870cdce9131b5
f644d6591fcc9e2754c42c8c82289a251c3fe47fc27a1fafd53904d81b3eb21b
GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.req.getFingerPrint.start|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521379|6=1675222521379|29=0404447576727409831615827099757&rr=0.9549230023733852 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:35:03 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 6356624538204940703
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.6334734515655998
211.152.136.86200 OK 29 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.6334734515655998
IP 211.152.136.86:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae
GET /cgi-bin/log_data.fcg?num=1&record0=21=midas.api.call.init.ok|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|36=https%3A%2F%2Fmidasbuyreward.com%2F|50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0|51=&r=0.6334734515655998 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:35:03 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 659855397733652164
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521468|6=1675222521468|29=0404447576727409831615827099757&rr=0.9797437526555267
211.152.136.86200 OK 29 B URL HTTP/2 report1.midasbuy.com/cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521468|6=1675222521468|29=0404447576727409831615827099757&rr=0.9797437526555267
IP 211.152.136.86:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2935fb252651c11a0686fa86463b502b
61d2f0bb210e47ae4e1828536a5a8ab18db01017
37bb2788d2a768dc291105ef695562033e91d7b6d0283600d27d482b985d27ae
GET /cgi-bin/log_data.fcg?num=1&record0=21=midasbuy.pageview.topupv2|13=1|8=|4=uv_0404447576727409831615827099757|51=mds_hkweb_pc-v2-android-midasweb-midasbuy|31=oversea_web_v2_ot|43=|24=1450015065|23=v2|25=https%3A%2F%2Fpufflam.alphagg7.cyou%2F|26=pc|3=|36=https%253A%252F%252Fmidasbuyreward.com%252F|50=Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%253B%2520rv%253A105.0)%2520Gecko%252F20100101%2520Firefox%252F105.0|38=1675222521468|6=1675222521468|29=0404447576727409831615827099757&rr=0.9797437526555267 HTTP/1.1
Host: report1.midasbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pufflam.alphagg7.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:35:03 GMT
content-type: text/html;charset=utf-8
server: nginx
content-encoding: gzip
content-length: 29
x-nws-log-uuid: 13170864836470097446
x-cache-lookup: Cache Miss, Cache Miss
X-Firefox-Spdy: h2
midasbuyreward.com/
172.67.161.34200 OK 0 B IP 172.67.161.34:0
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: midasbuyreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hilawBD8f5VARFoXMcCo%2Bg7qWXvhvd9%2Bmiu%2FWHWSFhB79TBoCV2c3uRPGaZWFsR%2FvvAWRdwEOAehkg5yS9tO9bH4%2BOtMD801q%2F3sbfcruz0F%2BBw18Z3WnMtPMUm0oEWWdSA%2Bzsg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7927a2503b7dfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://midasbuyreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 03:34:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20671980
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7927a2537c91b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2