r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4170
Expires: Fri, 23 Sep 2022 02:51:36 GMT
Date: Fri, 23 Sep 2022 01:42:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 01:14:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sfHLzNxCpQc7Qsu4g0bdd9qDCVlREwty7vHaOLzQS6Hkrmw5Gl3YZA==
Age: 1680
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10842
Expires: Fri, 23 Sep 2022 04:42:48 GMT
Date: Fri, 23 Sep 2022 01:42:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: I3bvHy5Ij0jGu6LmUH3dSfjH9Tmb1em1BZWtXcBfEt7+rJITe9ICGXsW5/oqQaivNUVr40M7QIA=
x-amz-request-id: XXFGT1SX5PN7KS72
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 00:44:06 GMT
age: 3480
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 01:42:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 01:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 01:13:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2bbnzWgkhZECJtR9X7ywqHcz5wJ4LA6dGb0g9JU4PXcSLIlK7aKkpw==
Age: 2324
aatgroup-th.com/login.php
45.200.232.204301 Moved Permanently 159 B URL HTTP/1.1 aatgroup-th.com/login.php
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 2a5bd3917a7ae5f8dbbcad6c28911a06
6d5b43d05a30f9dc6601af0c08e23cc61438a29e
7bbee9f4148f1acae01cfb951c0b191b557e8fca90579cb2df908aa4ae23492d
Analyzer Verdict Alert fortinet Phishing
GET /login.php HTTP/1.1
Host: aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: http://www.aatgroup-th.com/login.php
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.2.34, ASP.NET
Date: Thu, 17 Sep 2020 09:23:19 GMT
Content-Length: 159
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5250
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:42:07 GMT
Last-Modified: Fri, 23 Sep 2022 00:14:37 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.146.10101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: B/56FX/PvOSopVAJoIZSBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9GeJmVu1xy0mmEYQ4nVUs2S9bQM=
www.aatgroup-th.com/login.php
45.200.232.204200 OK 4.3 kB URL HTTP/1.1 www.aatgroup-th.com/login.php
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (870), with CRLF line terminators
Hash 3157be01468393c156849cff53a9eacb
88c02cf1d7de11a01a189035f519ebff256eead4
faf27e94bb1d5ab6d9971adfc749c6def5f34eb4f637b2d4f7c1c92b235251a2
Analyzer Verdict Alert fortinet Phishing
GET /login.php HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.2.34, ASP.NET
Date: Thu, 17 Sep 2020 09:23:20 GMT
Content-Length: 4335
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6935
Expires: Fri, 23 Sep 2022 03:37:43 GMT
Date: Fri, 23 Sep 2022 01:42:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6935
Expires: Fri, 23 Sep 2022 03:37:43 GMT
Date: Fri, 23 Sep 2022 01:42:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6935
Expires: Fri, 23 Sep 2022 03:37:43 GMT
Date: Fri, 23 Sep 2022 01:42:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6935
Expires: Fri, 23 Sep 2022 03:37:43 GMT
Date: Fri, 23 Sep 2022 01:42:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6935
Expires: Fri, 23 Sep 2022 03:37:43 GMT
Date: Fri, 23 Sep 2022 01:42:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 12641
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b936e90-90ba-49d6-946e-b7cd524d23f9.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b936e90-90ba-49d6-946e-b7cd524d23f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6243782119c18721ebfb39448a079e32
6131afd540498e8ead1b9937bc953fadbdb164f9
9f70c0b851ea5039eee2edf8d37f447946e2d2783d6ce257c0ccbcf9f262d289
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b936e90-90ba-49d6-946e-b7cd524d23f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7180
x-amzn-requestid: c08a48fa-b734-4ac7-aa76-a1225135b792
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YsS2qHbcIAMFgEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6327fe90-4a5915de1b0da7a07efddf86;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 05:30:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6QVS_B0PlpAG7YSjavV2LBnC_hiHBza_hYkyA6MtdaN6iMYmVliMOg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 07:30:08 GMT
age: 65520
etag: "6131afd540498e8ead1b9937bc953fadbdb164f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 14026
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 634db5bfe2b27e608c3f3518b0c44ebb
06f5f63e681d711bd68626805c5dd2b902ebf9cf
935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13000
x-amzn-requestid: 0658a29b-3c96-431c-ab00-952ab7365e1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioLNHd1oAMFkbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420ad-488015441a19070348de1398;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vhg1m3Tpmoo68IBbutFCvjCLD6iBW3YWysB7hA837CwDK3DSSFp_KA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 09:35:19 GMT
age: 58009
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b6b51846ec2b7d856b7dc12e4d720f4
5a69190a9a778a6979e11fafedd43e1031caf8e2
a497c04d1c9d0be88aa9c288423346e83c6a7b296295387b3b7b855c550492a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9444e811-e2d5-4901-a86d-9e9269a6f846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10927
x-amzn-requestid: ae562f19-3dd9-42b1-bb98-ab026140506e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YsqHOHguIAMFS7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632823c7-6d4bcabf6879463427e68a50;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 08:09:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u4DgvdhOG7agsl8-aoovMcR029kbfcAk9eoiUiHb-PZuq3RbbFg9Mw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:51 GMT
age: 13997
etag: "5a69190a9a778a6979e11fafedd43e1031caf8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 13732
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.aatgroup-th.com/template/company/moban263/js/jquery.easydropdown.js
45.200.232.204200 OK 4.3 kB URL HTTP/1.1 www.aatgroup-th.com/template/company/moban263/js/jquery.easydropdown.js
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
Hash f51f31571fa9019aeb418cd313ed3a0e
b909cf3f83f5d5d641f3b9caac6d73614ea455e3
081079b0abfd0d8f7afbb0b3e0bd03dc4e3cd877d5aad9a5d855b60a758799a0
Analyzer Verdict Alert fortinet Phishing
GET /template/company/moban263/js/jquery.easydropdown.js HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 15:24:40 GMT
Accept-Ranges: bytes
ETag: W/"0acb12ca6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Sep 2020 09:23:20 GMT
Content-Length: 4285
www.aatgroup-th.com/js/orsxg5a.script
45.200.232.204200 OK 1.5 kB URL HTTP/1.1 www.aatgroup-th.com/js/orsxg5a.script
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type ASCII text, with very long lines (3538), with no line terminators
Hash 21cd09fc2ba4ab11c1c78046e748f4c9
f08272a09b05ff36163dd06332ffb4443cc0429f
48bae9b03045b47dd9a4a52e9bbb8102f1dd6881f61d7de751ddaf01d377a9aa
Analyzer Verdict Alert fortinet Phishing
GET /js/orsxg5a.script HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.2.34, ASP.NET
Date: Thu, 17 Sep 2020 09:23:21 GMT
Content-Length: 1521
www.aatgroup-th.com/template/company/moban263/js/nav.js
45.200.232.204200 OK 699 B URL HTTP/1.1 www.aatgroup-th.com/template/company/moban263/js/nav.js
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
Hash b036a6ed5893d811d469c4c49f7d3909
c4650c7c9535e0af2b6786eef46b511b805b4c8f
6c7361a6533046347b4f1211de3d3a5a4e3d6e6b7919fe720eec7ca81a7f6dd8
Analyzer Verdict Alert fortinet Phishing
GET /template/company/moban263/js/nav.js HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 15:24:40 GMT
Accept-Ranges: bytes
ETag: W/"0acb12ca6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Sep 2020 09:23:21 GMT
Content-Length: 699
www.aatgroup-th.com/template/company/moban263/css/font-awesome.css
45.200.232.204200 OK 5.9 kB URL HTTP/1.1 www.aatgroup-th.com/template/company/moban263/css/font-awesome.css
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type ASCII text, with very long lines (305)
Hash a63a272bab8660a7f956d82e242e7ce0
13e1fd461363a0966409d7a5ca83858e538ea2a9
52374eab397e03dfd9ede322686dd96bfa331c387cb0bcb22a16669c10561279
GET /template/company/moban263/css/font-awesome.css HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 15:24:40 GMT
Accept-Ranges: bytes
ETag: W/"0acb12ca6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Sep 2020 09:23:20 GMT
Content-Length: 5900
www.aatgroup-th.com/template/company/moban263/js/jquery.min.js
45.200.232.204200 OK 42 kB URL HTTP/1.1 www.aatgroup-th.com/template/company/moban263/js/jquery.min.js
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash f7dc87b1ddafd592a5ac62ff0f02b3cb
61feb59be189c1a87e7476727f3a17a7d52965bd
2b69f0b56c3abae246748f35e17d8743dd53010c98e9b22001fc600ec0b79b9f
Analyzer Verdict Alert fortinet Phishing
GET /template/company/moban263/js/jquery.min.js HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 15:24:40 GMT
Accept-Ranges: bytes
ETag: W/"0acb12ca6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Sep 2020 09:23:20 GMT
Content-Length: 42060
www.aatgroup-th.com/template/company/moban263/css/bootstrap.css
45.200.232.204200 OK 27 kB URL HTTP/1.1 www.aatgroup-th.com/template/company/moban263/css/bootstrap.css
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type assembler source, ASCII text, with very long lines (540)
Hash 2519b25655194fff84ef3b0d15c61e88
268c043f183864113e75a762f4bdd98715bc1bf3
7e7a0606b33ce21044abaf8b0ac8583cb04a8c9d77cc4f03353b91e6813e535d
GET /template/company/moban263/css/bootstrap.css HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 15:24:40 GMT
Accept-Ranges: bytes
ETag: W/"0acb12ca6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Sep 2020 09:23:20 GMT
Content-Length: 26808
www.aatgroup-th.com/template/company/moban263/css/style.css
45.200.232.204200 OK 21 kB URL HTTP/1.1 www.aatgroup-th.com/template/company/moban263/css/style.css
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
File type ASCII text, with CRLF line terminators
Hash 39c26d08bca3f2835a683ba5942e3046
784d160719c1ab472a03665bce4084840804e074
9839305bc4260b29b8c097c126108fa50cfff0af7a86eb7f20ca169ee4845f2c
GET /template/company/moban263/css/style.css HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 15:24:40 GMT
Accept-Ranges: bytes
ETag: W/"0acb12ca6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Sep 2020 09:23:21 GMT
Content-Length: 20606
www.aatgroup-th.com/favicon.ico
45.200.232.204200 OK 0 B URL HTTP/1.1 www.aatgroup-th.com/favicon.ico
IP 45.200.232.204:0
ASN #133201 ABCDE GROUP COMPANY LIMITED
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.aatgroup-th.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/login.php
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Sun, 13 Sep 2020 22:21:32 GMT
Accept-Ranges: bytes
ETag: "f367df3b1c8ad61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 17 Sep 2020 09:23:22 GMT
Content-Length: 0
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 2a174a9df3edd8e24dd22caafb558540
cdf1b4d1b2375a39d17f189018bbdf83a20812f2
eb9b06854a589efd7d109711331b1c88bb71e7f301ea76490c683baae4701814
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:42:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 26 Sep 2022 21:50:46 GMT
ETag: "cdf1b4d1b2375a39d17f189018bbdf83a20812f2"
Last-Modified: Thu, 22 Sep 2022 21:50:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2291
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ef950abc6cb4eb-OSL
www.918cce.com/?palcode=1007182765
103.118.81.7301 Moved Permanently 175 B URL HTTP/1.1 www.918cce.com/?palcode=1007182765
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9856f739e9771096a200e7df6b240239
c24d909f9517e949ac7ee4896bc3095a309919b3
fe14fc5961e841ec619fc3d0131aefb30cd0a9cda0b3681b0f9ee6aa3da3c13f
GET /?palcode=1007182765 HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.aatgroup-th.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.7
Date: Fri, 23 Sep 2022 01:42:10 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://www.918cce.com:443/?palcode=1007182765
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ccfcaf1feac15678448e0578e76135db
718ffcfe7e4c3f109518950ee935f6a334c545e3
bb396231577efb9d625e5375eaa1c755ef1cf17c3d75552b15bd9235b0f921da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB396231577EFB9D625E5375EAA1C755EF1CF17C3D75552B15BD9235B0F921DA"
Last-Modified: Thu, 22 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Fri, 23 Sep 2022 07:41:58 GMT
Date: Fri, 23 Sep 2022 01:42:11 GMT
Connection: keep-alive
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash fc3ceb122868fb2e3d5f8bb553e50eb8
02f77fd31d01e2235d55f7b905af346bf4c9b4f5
187522fbae263d433cc3f2beff220a7503269adb81814845f611879ecdcf6311
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:42:12 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 23:36:11 GMT
Expires: Thu, 29 Sep 2022 23:36:10 GMT
Etag: "02f77fd31d01e2235d55f7b905af346bf4c9b4f5"
Cache-Control: max-age=596637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ef9516e8e7b4eb-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash bdad9739af8b82119a014a2c6fadefb6
d532a1a9e2233b90c478babf6dcdff39e73a0110
6033be2841a419263613c47d21a1d1f8a09a2aa297cf7eb5d875eca495df4031
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:42:12 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 03:06:37 GMT
Expires: Tue, 27 Sep 2022 03:06:36 GMT
Etag: "d532a1a9e2233b90c478babf6dcdff39e73a0110"
Cache-Control: max-age=350063,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ef9516eb5b0b45-OSL
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/cdn_test.jpg?v=1663897331260
163.171.140.79200 OK 26 B URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/cdn_test.jpg?v=1663897331260
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET //cdn/1e3c3bF/cdn_test.jpg?v=1663897331260 HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: image/jpeg
content-length: 26
server: PWS/8.3.1.0.8
last-modified: Thu, 18 Jun 2020 02:26:07 GMT
etag: "5eead0bf-1a"
expires: Sat, 23 Sep 2023 01:42:12 GMT
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 PSxgHKG8om130:8 (W), 1.1 PShlamstdAMS1cc96:19 (W)
x-px: ms PShlamstdAMS1cc96AMS,ms PSxgHKG8om130000(origin)
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_21925-10824
X-Firefox-Spdy: h2
1e3c3bfront.zcdiks.com//cdn/1e3c3bF/cdn_test.jpg?v=1663897331260
163.171.140.79200 OK 26 B URL HTTP/2 1e3c3bfront.zcdiks.com//cdn/1e3c3bF/cdn_test.jpg?v=1663897331260
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET //cdn/1e3c3bF/cdn_test.jpg?v=1663897331260 HTTP/1.1
Host: 1e3c3bfront.zcdiks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: image/jpeg
content-length: 26
server: PWS/8.3.1.0.8
last-modified: Thu, 18 Jun 2020 02:26:07 GMT
etag: "5eead0bf-1a"
expires: Sat, 23 Sep 2023 01:42:12 GMT
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 PS-000-01erM87:5 (W), 1.1 PShlamstdAMS1cc96:19 (W)
x-px: ms PShlamstdAMS1cc96AMS,ms PS-000-01erM87000(origin)
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_19890-1348
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e53eae95c7f82b707327ed3bd28096b9
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e53eae95c7f82b707327ed3bd28096b9
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (627)
Hash d1a3055a675c6066c480578a8dbf4aa6
6dfc60691abbf89f3a3c7cd18083c2185e0c6ae6
a1e835f967860246777e86a47db6d2bbef1f806f4e8c87658bcf499d719da624
GET /hm.js?e53eae95c7f82b707327ed3bd28096b9 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.aatgroup-th.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11340
Content-Type: application/javascript
Date: Fri, 23 Sep 2022 01:42:11 GMT
Etag: b39f601c89e33e15b58b4c822a11d71c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EDB9CC65F22A7FE3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/3s_web_detect.js?product=1e3c3b&module=frontend_web_new?time=20201102
163.171.140.79200 OK 44 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/3s_web_detect.js?product=1e3c3b&module=frontend_web_new?time=20201102
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (44445), with no line terminators
Hash f9128fd2c5b6306a3b5f1a1936ce63c0
7f993e995b9e80481ea39e70a6a5e8d1612475ed
d26010f2656cb739b3f874fa91bc8e2a154cd59677e598fcaa8e2740f0f91377
GET //cdn/1e3c3bF/3s_web_detect.js?product=1e3c3b&module=frontend_web_new?time=20201102 HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 44485
expires: Wed, 26 Jul 2023 14:17:54 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-adc5"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 5052258
via: 1.1 PS-000-01LpH100:8 (W), 1.1 PShlamstdAMS1vj92:14 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_20092-17244
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/remove.js?time=20201028
163.171.140.79200 OK 124 B URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/remove.js?time=20201028
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
Hash c2992a7835979c4c054bf8e510402072
5b77d8411ea90a7a3f339e4ff8940eff81c9db85
4d9c1fa3fc960ee8df79b409d6014ccab32e22a7acd4a0967b65b81c9e8600d3
GET //cdn/1e3c3bF/remove.js?time=20201028 HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 124
expires: Wed, 26 Jul 2023 14:17:54 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-7c"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 5052258
via: 1.1 PS-000-01LpH100:8 (W), 1.1 PShlamstdAMS1cc96:4 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_20092-17246
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-vendors.8bb72ccd.css
163.171.140.79200 OK 16 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-vendors.8bb72ccd.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (15979), with no line terminators
Hash c3e516cccaf4f6d836fb7d7bf451b6f3
be9071e6699d837a88afa05edbd0086d12ea9189
364f95e9d88f0236178b180ea3b382ecb0b562e5597f491c64e44f88e888d622
GET //cdn/1e3c3bF/static/css/chunk-vendors.8bb72ccd.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: text/css
content-length: 15979
expires: Thu, 27 Jul 2023 07:34:21 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-3e6b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4990071
via: 1.1 PS-000-01erM87:7 (W), 1.1 PShlamstdAMS1cc96:14 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_20092-17247
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/index.99d0fbdf.css
163.171.140.79200 OK 126 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/index.99d0fbdf.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (65536), with no line terminators
Size 126 kB (125925 bytes)
Hash bf8e28aa7822e461a5015e872a99fb72
e77a7d21f569ff4ba671ff2e0a12e8a6ff10b200
46409400b82e551f1ad005f640451b60e2b652d9b5e98211dbb513fe9d0ac11c
GET //cdn/1e3c3bF/static/css/index.99d0fbdf.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: text/css
content-length: 125925
expires: Thu, 21 Sep 2023 16:23:20 GMT
server: PWS/8.3.1.0.8
last-modified: Wed, 21 Sep 2022 09:44:16 GMT
etag: "632adcf0-1ebe5"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 119932
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:19 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_20092-17248
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/index.3edbc753.js
163.171.140.79200 OK 598 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/index.3edbc753.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (65536), with no line terminators
Size 598 kB (597759 bytes)
Hash cde22114f3a90dc607605f408ba297d9
3325b9b7c133d3cbee0422b5512ce6edb8f015ac
9e4270c826b73abd12cbdc5849d547555bd6cfac5ad10c89b4db52d0ef58f403
GET //cdn/1e3c3bF/static/js/index.3edbc753.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 597759
expires: Thu, 21 Sep 2023 16:23:20 GMT
server: PWS/8.3.1.0.8
last-modified: Wed, 21 Sep 2022 09:44:16 GMT
etag: "632adcf0-91eff"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 119932
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1se91:19 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_20092-17251
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-vendors.539719e4.js
163.171.140.79200 OK 618 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-vendors.539719e4.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size 618 kB (618233 bytes)
Hash c13c88fca46ddb5d5bb6eeb83e9ca842
a2b28ba12befd750e5731d9109308bc65e3a9afa
2ebc41b73daa5e224a8fbe8c41bc10a28621d5094364f89006cbca9df498922f
GET //cdn/1e3c3bF/static/js/chunk-vendors.539719e4.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 618233
expires: Wed, 26 Jul 2023 14:17:54 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-96ef9"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 5052258
via: 1.1 PS-000-01LpH100:8 (W), 1.1 PShlamstdAMS1vj92:4 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef4_PShlamstdAMS1se91_20092-17249
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=912235625&si=e53eae95c7f82b707327ed3bd28096b9&v=1.2.97&lv=1&sn=29217&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.aatgroup-th.com%2Flogin.php&tt=%EF%BB%BF%E9%B8%AD%E8%84%96%E5%A8%B1%E4%B9%90app%E5%AE%98%E6%96%B9%E4%B8%8B%E8%BD%BD%E8%8B%B9%E6%9E%9C%E3%80%81%E8%A7%89%E9%86%92%E6%A3%8B%E7%89%8C%E5%AE%98%E7%BD%91jx668%E8%8B%B9%E6%9E%9C%E7%89%88%E3%80%81761%E6%A3%8B%E7%89%8C%E6%89%8B%E6%9C%BA%E5%AE%98%E7%BD%91%E8%8B%B9%E6%9E%9C_%E5%90%84%E5%9C%B0%E8%90%BD%E5%AE%9E%E8%90%BD%E7%BB%86%E9%98%B2%E6%8E%A7%E6%8E%AA%E6%96%BD%20%E5%81%9A%E5%A5%BD%E7%96%AB%E6%83%85%E9%98%B2%E6%8E%A7%E5%B7%A5%E4%BD%9C-%E7%90%BC%E6%B5%B7%E5%B8%82%E5%B7%A5%E7%A8%8B%E5%BB%BA%E8%AE%BE%E5%88%B6%E9%80%A0%E5%8E%82
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=912235625&si=e53eae95c7f82b707327ed3bd28096b9&v=1.2.97&lv=1&sn=29217&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.aatgroup-th.com%2Flogin.php&tt=%EF%BB%BF%E9%B8%AD%E8%84%96%E5%A8%B1%E4%B9%90app%E5%AE%98%E6%96%B9%E4%B8%8B%E8%BD%BD%E8%8B%B9%E6%9E%9C%E3%80%81%E8%A7%89%E9%86%92%E6%A3%8B%E7%89%8C%E5%AE%98%E7%BD%91jx668%E8%8B%B9%E6%9E%9C%E7%89%88%E3%80%81761%E6%A3%8B%E7%89%8C%E6%89%8B%E6%9C%BA%E5%AE%98%E7%BD%91%E8%8B%B9%E6%9E%9C_%E5%90%84%E5%9C%B0%E8%90%BD%E5%AE%9E%E8%90%BD%E7%BB%86%E9%98%B2%E6%8E%A7%E6%8E%AA%E6%96%BD%20%E5%81%9A%E5%A5%BD%E7%96%AB%E6%83%85%E9%98%B2%E6%8E%A7%E5%B7%A5%E4%BD%9C-%E7%90%BC%E6%B5%B7%E5%B8%82%E5%B7%A5%E7%A8%8B%E5%BB%BA%E8%AE%BE%E5%88%B6%E9%80%A0%E5%8E%82
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=912235625&si=e53eae95c7f82b707327ed3bd28096b9&v=1.2.97&lv=1&sn=29217&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fwww.aatgroup-th.com%2Flogin.php&tt=%EF%BB%BF%E9%B8%AD%E8%84%96%E5%A8%B1%E4%B9%90app%E5%AE%98%E6%96%B9%E4%B8%8B%E8%BD%BD%E8%8B%B9%E6%9E%9C%E3%80%81%E8%A7%89%E9%86%92%E6%A3%8B%E7%89%8C%E5%AE%98%E7%BD%91jx668%E8%8B%B9%E6%9E%9C%E7%89%88%E3%80%81761%E6%A3%8B%E7%89%8C%E6%89%8B%E6%9C%BA%E5%AE%98%E7%BD%91%E8%8B%B9%E6%9E%9C_%E5%90%84%E5%9C%B0%E8%90%BD%E5%AE%9E%E8%90%BD%E7%BB%86%E9%98%B2%E6%8E%A7%E6%8E%AA%E6%96%BD%20%E5%81%9A%E5%A5%BD%E7%96%AB%E6%83%85%E9%98%B2%E6%8E%A7%E5%B7%A5%E4%BD%9C-%E7%90%BC%E6%B5%B7%E5%B8%82%E5%B7%A5%E7%A8%8B%E5%BB%BA%E8%AE%BE%E5%88%B6%E9%80%A0%E5%8E%82 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.aatgroup-th.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 01:42:13 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=798036D88459A11B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-4f4a3499.98d059f9.css
163.171.140.79200 OK 65 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-4f4a3499.98d059f9.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (65158), with no line terminators
Hash a377e1c0b46e0c3959b0733f9a4a6169
8ce2a0969bd6242fc7d00d70cfdadd0f8d45b7e5
d595898d0c86462aed00de2bfc3bd13402ea0d1918ada5ceece5aa5ea5e90f2c
GET //cdn/1e3c3bF/static/css/chunk-4f4a3499.98d059f9.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: text/css
content-length: 65158
expires: Fri, 25 Aug 2023 03:37:32 GMT
server: PWS/8.3.1.0.8
last-modified: Wed, 24 Aug 2022 05:58:18 GMT
etag: "6305bdfa-fe86"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 2498681
via: 1.1 PS-000-01U4I88:8 (W), 1.1 PShlamstdAMS1se91:11 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17268
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-4f4a3499.c5115d70.js
163.171.140.79200 OK 81 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-4f4a3499.c5115d70.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (63772), with no line terminators
Hash 56ff86cce481978066c8cd2cbaab389c
6101338f1a96b1de4f1dc896656c9da3683f6669
79d7f5354749223de06c976a4540768b2d8e9ec06bb475fa0737fddac7e4ac29
GET //cdn/1e3c3bF/static/js/chunk-4f4a3499.c5115d70.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 80986
expires: Wed, 20 Sep 2023 16:04:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-13c5a"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207465
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:18 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17269
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/inline/check.js
163.171.140.79200 OK 1.6 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/inline/check.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (1559), with no line terminators
Hash dfb9111fff6972cf887461d5daeba696
b2de610c932bdfc7143a48e7aecff13f8d6d6090
1961d281557af0531ad0382f69b46c1964d24ab76e08724d7e111166229399a2
GET //cdn/1e3c3bF/inline/check.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 1559
expires: Wed, 20 Sep 2023 16:04:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-617"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207465
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1se91:8 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17270
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/inline/webp.js
163.171.140.79200 OK 442 B URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/inline/webp.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (442), with no line terminators
Hash f61dce63a4929651d071ff2293419fc5
f906667e09f478b8611d2007f6d9d513bb417f27
2388824076cba13fad430613ef8d9fff931f52159b78aa628158d95e79315e0e
GET //cdn/1e3c3bF/inline/webp.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 442
expires: Wed, 20 Sep 2023 16:04:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-1ba"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207465
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:3 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17272
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/inline/js.cookie.min.js
163.171.140.79200 OK 1.7 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/inline/js.cookie.min.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (1689), with no line terminators
Hash 5d8882368f34f2f6ea20c627e52960f9
912c24981272c91f084c3003979604ca459c9b87
3f017a42460fb75e7a131ffb690fac745514518f9e1845ba746f8da58186b863
GET //cdn/1e3c3bF/inline/js.cookie.min.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 1689
expires: Wed, 26 Jul 2023 14:17:56 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-699"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 5052257
via: 1.1 PS-000-01LpH100:8 (W), 1.1 PShlamstdAMS1cc96:5 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17271
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/behavior.js?v=20191008001
163.171.140.79200 OK 13 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/behavior.js?v=20191008001
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (3734)
Hash 0dbcb92dd62ca3d3e115c325aa30b198
f733c3c04fab106fc1004c9dde8c2bf3e5753f93
a2509dafdb4b006712b2210df6dd11fbb16c3fcd3035c98d88e9b0600ea63c2f
GET //cdn/1e3c3bF/behavior.js?v=20191008001 HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 12623
expires: Wed, 20 Sep 2023 16:04:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-314f"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207465
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1se91:8 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17273
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-124239544-1
172.217.21.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-124239544-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (1720)
Hash 117ed563827a813905c0720a2c94c0bd
5078d05a2e9aa94b5ea1a4ccaabe68c245f411e8
3605cc24aaade1e0633ddb396bc6de826dc807b2773e922592394583582f754c
GET /gtag/js?id=UA-124239544-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 01:42:13 GMT
expires: Fri, 23 Sep 2022 01:42:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 01:42:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.918cce.com/_glaxy_1e3c3b_/webToken
103.118.81.7200 OK 3.4 kB URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/webToken
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (307), with no line terminators
Hash 54d9dc5b80ebd7e034dcb636cfbcf77b
a06ca11a39cf24a33fb7a0d040876f29ab0aacb6
d7547e2f7be716f2ca72a90de913fc49143cf53c59ed8457d96605f00180a9a7
POST /_glaxy_1e3c3b_/webToken HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token:
qid: 9e54ba012a2c023081d4ba8eedfe9282
sign: 9e986bb88c28d0189d527b21b8cd75dc
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: route=44bd7497440bd9fb2b784a318dd1c069739c2a5b; Domain=a01nepweb.bawinx.com; Path=/; HTTPOnly; Secure; HttpOnly
JSESSIONID=3BEFAA7DE4E6D825F92C4DB802634BF9; Path=/; HTTPOnly; Secure; HttpOnly
access-control-allow-headers: *
access-control-allow-method: *
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-0d9bf2e2.36a83076.css
163.171.140.79200 OK 5.0 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-0d9bf2e2.36a83076.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (5049), with no line terminators
Hash d1462a5cf2863364d6920eb91ece0a9b
dd15601cde23e87d916b4f0fb29724b718e7c285
7a7ac0276b7cf81ebec24a3349761e259ed3bd3d858f7ca6d8d2b4c880de4259
GET //cdn/1e3c3bF/static/css/chunk-0d9bf2e2.36a83076.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: text/css
content-length: 5049
expires: Thu, 27 Jul 2023 07:39:00 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-13b9"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989793
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1se91:14 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17286
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-0d9bf2e2.ffe5579e.js
163.171.140.79200 OK 3.3 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-0d9bf2e2.ffe5579e.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (3157), with no line terminators
Hash 1c0663de9714ec90a196811c4584c194
b139571b0372545a2b0bf30cb801b06b02b24f97
026ed085642275672c69b8aaa964fa1bd01d356f3f756532d117c7ab0d3d9ebf
GET //cdn/1e3c3bF/static/js/chunk-0d9bf2e2.ffe5579e.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 3271
expires: Wed, 20 Sep 2023 16:04:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-cc7"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207465
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:19 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17287
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-1c820ef7.a3eae521.css
163.171.140.79200 OK 265 B URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-1c820ef7.a3eae521.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with no line terminators
Hash c605305859c9e6ce7cee0326619801f5
d5ddecd02bb16d282481b02d19c3c5ce16a263b1
522ede0a3efe4b84b1efd9840b14739b6cb3e0e8a3dd40860b6157e6d5aa16a5
GET //cdn/1e3c3bF/static/css/chunk-1c820ef7.a3eae521.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: text/css
content-length: 265
expires: Tue, 08 Aug 2023 07:41:01 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 08 Aug 2022 03:20:38 GMT
etag: "62f08106-109"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 3952872
via: 1.1 PS-000-01QVC89:9 (W), 1.1 PShlamstdAMS1se91:6 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17288
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-4e85797c.2ed59aaf.js
163.171.140.79200 OK 5.6 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-4e85797c.2ed59aaf.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (5542), with no line terminators
Hash dd7a344c04c186183f340111faead48b
b674dacbc296bb9d4bfd9c8ae396561f4b95d768
d78ec3b6efb750e0d62075d44acd1d342e73a1e4a9b60b1ea2213d34c46bfc31
GET //cdn/1e3c3bF/static/js/chunk-4e85797c.2ed59aaf.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 5560
expires: Thu, 14 Sep 2023 08:58:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 13 Sep 2022 08:21:26 GMT
etag: "63203d86-15b8"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 751425
via: 1.1 PS-000-01QVC89:9 (W), 1.1 PShlamstdAMS1se91:9 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17291
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-1c820ef7.fd067d83.js
163.171.140.79200 OK 1.6 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-1c820ef7.fd067d83.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (1570), with no line terminators
Hash 90de107349ad3f31a17583bcf908710b
577f18c53654848a21cfcec46c4a03c84f5040d8
1358cfd4950bbb681525b9814a7f09f92d2145e2cfe4b5d9230a816730a80eed
GET //cdn/1e3c3bF/static/js/chunk-1c820ef7.fd067d83.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 1578
expires: Tue, 08 Aug 2023 07:41:01 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 08 Aug 2022 03:20:38 GMT
etag: "62f08106-62a"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 3952872
via: 1.1 PS-000-01QVC89:9 (W), 1.1 PShlamstdAMS1cc96:6 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17289
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-4e85797c.389cfd75.css
163.171.140.79200 OK 445 B URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-4e85797c.389cfd75.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (445), with no line terminators
Hash 081ce21d79c40445243cff6778f7fd68
2b0c1f9e5e75b92c66aa790a31f923300f0c4632
72ef058b87a254c1ec37e7abcc4d834318e28f3e986c1f77e11980c76db8ef20
GET //cdn/1e3c3bF/static/css/chunk-4e85797c.389cfd75.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: text/css
content-length: 445
expires: Wed, 20 Sep 2023 16:04:29 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-1bd"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207464
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1cc96:20 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17290
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-d0b080a8.20639b20.css
163.171.140.79200 OK 1.6 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-d0b080a8.20639b20.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (1649), with no line terminators
Hash 9df98611a44415294d8719f77b924464
7f738703a006fb10311cefa0193ad942b231a3a7
93b9364be6a0af1bf5e6878a60dee86963a6d1dc4f2d7e8eee4911e0467cb357
GET //cdn/1e3c3bF/static/css/chunk-d0b080a8.20639b20.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: text/css
content-length: 1649
expires: Thu, 27 Jul 2023 07:39:00 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-671"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989793
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1vj92:1 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17293
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-d0b080a8.932a9525.js
163.171.140.79200 OK 7.9 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-d0b080a8.932a9525.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (7869), with no line terminators
Hash df354ef1ea61d6263100919fb69a0545
3275f10b7ddf8219260bacfdf1e734a9e007acf3
62e6a83d904b2bca7f2d452433a6216f91b44c9dba420f38ccb101e72e629dac
GET //cdn/1e3c3bF/static/js/chunk-d0b080a8.932a9525.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 7873
expires: Thu, 27 Jul 2023 07:39:00 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-1ec1"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989793
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1cc96:22 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17294
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-2f0633c3.8cf2beba.css
163.171.140.79200 OK 906 B URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-2f0633c3.8cf2beba.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (906), with no line terminators
Hash e0dd5f2a0cd56e8cd66c44e8c33e54d8
8fb82286980eb1a1c18881c7cec7124fc3bd83c8
0772a81921ed3019c83202479df80f1a46963b8ea6bb19733ed87e2ee6386300
GET //cdn/1e3c3bF/static/css/chunk-2f0633c3.8cf2beba.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: text/css
content-length: 906
expires: Wed, 20 Sep 2023 16:04:29 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-38a"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207464
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:4 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17295
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-2f0633c3.bf891ba4.js
163.171.140.79200 OK 2.7 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-2f0633c3.bf891ba4.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (2647), with no line terminators
Hash 8c9cb9f21c78c88edc2a6580d6c45a20
b55d22b05a3eb877da2e46654c0d4e5526b51bd1
61af248e63fd35f647d7de5f25816d7a01b929d83b167b908641827391355888
GET //cdn/1e3c3bF/static/js/chunk-2f0633c3.bf891ba4.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 2701
expires: Wed, 20 Sep 2023 16:04:29 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-a8d"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207464
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:21 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17296
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-2d237151.8c386755.js
163.171.140.79200 OK 40 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-2d237151.8c386755.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (39766), with no line terminators
Hash 7a49de15f086793e3b32af71b826a665
6765b29d411d378a5d6c3324314a43e3519d5f8a
4267dda5a16fe1a7fe882aeea281b4d984de6dcc4ee44921ae797ad7cba7ad7b
GET //cdn/1e3c3bF/static/js/chunk-2d237151.8c386755.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 39771
expires: Thu, 27 Jul 2023 07:39:00 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-9b5b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989793
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1vj92:22 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17297
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-0b4c08a4.44674f73.css
163.171.140.79200 OK 14 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-0b4c08a4.44674f73.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (13960), with no line terminators
Hash bf8eac4af177391310229f3114f49d30
1671a516fbdca95692c5ba86b2a96443fdbabefe
64c30b9cd78368df22c6a4126da4494adf72f7df22357e54f9c8b042b938f8bd
GET //cdn/1e3c3bF/static/css/chunk-0b4c08a4.44674f73.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: text/css
content-length: 13960
expires: Thu, 27 Jul 2023 07:39:00 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-3688"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989793
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1se91:8 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17298
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-0b4c08a4.b585a632.js
163.171.140.79200 OK 7.0 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-0b4c08a4.b585a632.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type Unicode text, UTF-8 text, with very long lines (6758), with no line terminators
Hash fef38431189be0dcfa73e6173a509d05
ef344362507c57b0c74bc7e22f219433902536b8
fe7bea5a1be122a08bc5ea872d99b9ae5adc538eecc0dde2449ac386d2659a7a
GET //cdn/1e3c3bF/static/js/chunk-0b4c08a4.b585a632.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 6982
expires: Thu, 14 Sep 2023 08:58:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 13 Sep 2022 08:21:25 GMT
etag: "63203d85-1b46"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 751425
via: 1.1 PS-000-01QVC89:9 (W), 1.1 PShlamstdAMS1vj92:9 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17299
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/sport/ysbty590.jpg
163.171.140.79200 OK 39 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/sport/ysbty590.jpg
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 590x192, components 3\012- data
Hash 5d504319ace6a3b3c1a64e8b9c4042d9
a01e9d12e314b20affa835dca36521cbf6ca55e1
352ea90fbbcc949e4534397ca4a1e16b2a61f04110bfbd0584df84477b7293e3
GET //cdn/1e3c3bF/site/sport/ysbty590.jpg HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/jpeg
content-length: 38965
expires: Thu, 14 Sep 2023 08:58:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 13 Sep 2022 08:21:26 GMT
etag: "63203d86-9835"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 751426
via: 1.1 PS-000-01QVC89:9 (W), 1.1 PShlamstdAMS1vj92:10 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17302
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/sprite-icons1.66dcc1e6.png
163.171.140.79200 OK 17 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/sprite-icons1.66dcc1e6.png
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 348 x 236, 8-bit colormap, non-interlaced\012- data
Hash 66dcc1e635b198f8c4c6900cc801e273
f1e1dc8a051d4fae85a121cf6d7a8b89ade77c18
6c247ba5c5bea0d4d54632dea6c176b6debd89f70a40740260c44800855f8e8c
GET //cdn/1e3c3bF/static/img/sprite-icons1.66dcc1e6.png HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/index.99d0fbdf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/png
content-length: 17016
expires: Thu, 27 Jul 2023 07:39:00 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-4278"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989794
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1vj92:6 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17303
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/title-bg.73043606.png
163.171.140.79200 OK 4.8 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/title-bg.73043606.png
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 138 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 73043606ca6c7b690eaf3cc50a3b14dc
b1cab7956db5c4859793b5cc17d9cb4cea5fc72b
e26ee1a486c4eab53c72d4d640dec2cdbad8d83c9617ac5eb6cc2b73a554e342
GET //cdn/1e3c3bF/static/img/title-bg.73043606.png HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-4f4a3499.98d059f9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/png
content-length: 4813
expires: Thu, 14 Sep 2023 08:58:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 13 Sep 2022 08:21:25 GMT
etag: "63203d85-12cd"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 751426
via: 1.1 PS-000-01QVC89:9 (W), 1.1 PShlamstdAMS1vj92:21 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17306
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/sprite-common.148cc972.png
163.171.140.79200 OK 9.4 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/sprite-common.148cc972.png
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 140 x 304, 8-bit colormap, non-interlaced\012- data
Hash 148cc972dc5fed0f071066f0bef23fe1
feb7348e71a75bb6b1ef5032604d928e110fd2bb
2a8af608fd29dad3a3c7c7ebbc969360346e027833a5fad6ddb8dc01021e4d8e
GET //cdn/1e3c3bF/static/img/sprite-common.148cc972.png HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/index.99d0fbdf.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/png
content-length: 9368
expires: Thu, 27 Jul 2023 07:39:00 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-2498"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989794
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1cc96:2 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17307
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/loading.5ea07d2c.gif
163.171.140.79200 OK 29 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/loading.5ea07d2c.gif
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 84 x 84\012- data
Hash 5ea07d2ce6905d7874cb4c9b81f0b14a
dc53b38ada479032dc2e6751019ec80e8f6335e4
d1c4c7b87fc154e2fe3a3190f3d949159ed4cb9e775aba4858f4729c954a0587
GET //cdn/1e3c3bF/static/img/loading.5ea07d2c.gif HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/gif
content-length: 29139
expires: Wed, 20 Sep 2023 16:04:29 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-71d3"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 207465
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:19 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17308
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/home-logout-qj.jpg_.webp
163.171.140.79200 OK 7.8 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/home-logout-qj.jpg_.webp
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 412x261, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e56ff85c2b5b1e053e55960746ff9b8
086a75a6252978589ff687f08b7b00e767b15419
6a263b19fd552171c7980117b10c304510f0091eb4698a30778d7bd2cbe998a6
GET //cdn/1e3c3bF/site/home/home-logout-qj.jpg_.webp HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/webp
content-length: 7750
expires: Wed, 20 Sep 2023 16:35:45 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-1e46"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 205589
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1cc96:5 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17310
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/home-sprite-icon.259c7109.png
163.171.140.79200 OK 10 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/home-sprite-icon.259c7109.png
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 289 x 286, 8-bit colormap, non-interlaced\012- data
Hash 259c7109f9909604ced5c1c3423bfe9c
7358db64bde122003c1d04ca434c99d0a31bf2f8
fe067e3caacdd849f741ec2eb4f02f886902651a47de2dbfb5f0ebe0fc419f41
GET //cdn/1e3c3bF/static/img/home-sprite-icon.259c7109.png HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-4f4a3499.98d059f9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/png
content-length: 10075
expires: Thu, 14 Sep 2023 08:58:28 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 13 Sep 2022 08:21:25 GMT
etag: "63203d85-275b"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 751426
via: 1.1 PS-000-01QVC89:9 (W), 1.1 PShlamstdAMS1vj92:20 (W)
x-px: ht PShlamstdAMS1vj92AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17311
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/sport/sbty590.png
163.171.140.79200 OK 46 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/sport/sbty590.png
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 590 x 192, 8-bit colormap, non-interlaced\012- data
Hash 4cb8dc04520aa13e49ca13d060b9800e
f4e080c588c3a808d03f0d07ac6ebcef5bc863dc
3705db6c6f73cebe9460205f77856ea60edd2c03df3ad2c3422f065cfa093250
GET //cdn/1e3c3bF/site/sport/sbty590.png HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/png
content-length: 45611
server: PWS/8.3.1.0.8
last-modified: Thu, 25 Aug 2022 04:31:32 GMT
etag: "6306fb24-b22b"
expires: Sat, 23 Sep 2023 01:42:14 GMT
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 PSxgHKG8om130:8 (W), 1.1 PShlamstdAMS1vj92:8 (W)
x-px: ms PShlamstdAMS1vj92AMS,ms PSxgHKG8om130000(origin)
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17301
X-Firefox-Spdy: h2
1e3c3bfront.yhkma.com//cdn/1e3c3bF/cdn_test.jpg?v=1663897331260
140.249.90.182200 OK 26 B URL HTTP/2 1e3c3bfront.yhkma.com//cdn/1e3c3bF/cdn_test.jpg?v=1663897331260
IP 140.249.90.182:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET //cdn/1e3c3bF/cdn_test.jpg?v=1663897331260 HTTP/1.1
Host: 1e3c3bfront.yhkma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:11 GMT
content-type: image/jpeg
content-length: 26
expires: Fri, 23 Sep 2022 01:42:11 GMT
server: nginx
last-modified: Thu, 18 Jun 2020 02:26:07 GMT
etag: "5eead0bf-1a"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-cc-via: 119_HK-xianggang-xianggang-4-cache-2[M,5],14_dx-lt-yd-obgp-zhejiang-hangzhou-11-cache-2[M,41],161_dx-shandong-qingdao-6-cache-2[M,61]
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/home-logout-gj.jpg_.webp
163.171.140.79200 OK 5.9 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/home-logout-gj.jpg_.webp
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7976409ee3d5a6255f8e75fd7196c2bd
15b44fa2794873d9cc84ed3ab12c059ae6910149
704f0ba97cb2de363bb38ea225235676116713e0e5d25f8d8caa01a23bc42bc3
GET //cdn/1e3c3bF/site/home/home-logout-gj.jpg_.webp HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/webp
content-length: 5886
expires: Thu, 27 Jul 2023 07:39:03 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-16fe"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4989791
via: 1.1 PS-000-01erM87:3 (W), 1.1 PShlamstdAMS1se91:6 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17312
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/home-logout-by.jpg_.webp
163.171.140.79200 OK 6.3 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/home-logout-by.jpg_.webp
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type RIFF (little-endian) data, Web/P image\012- data
Hash daf9a0106b56a1cf04914a1c0375b13d
37e41094835e5ed730b8e6aec45a9da1214f2c49
ff1f172fb46950c1ff768067298ee10a493299024e32f7bc9e1490bd9041feb2
GET //cdn/1e3c3bF/site/home/home-logout-by.jpg_.webp HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/webp
content-length: 6326
expires: Wed, 20 Sep 2023 16:35:45 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-18b6"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 205589
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1se91:6 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17313
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/login/h-login-dz-ttg.jpg_.webp
163.171.140.79200 OK 15 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/login/h-login-dz-ttg.jpg_.webp
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 386x147, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63ced18814078cec24fd7ed53899d6f8
ad661b9e4146886f717f38531711a3b84a8efc0c
e7c2ad2abf393b70612021666ad8caec7be60b50aa825ceefb756f314e4d506c
GET //cdn/1e3c3bF/site/home/login/h-login-dz-ttg.jpg_.webp HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/webp
content-length: 14976
expires: Fri, 28 Jul 2023 05:07:36 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-3a80"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4912478
via: 1.1 PS-000-01cZq86:0 (W), 1.1 PShlamstdAMS1cc96:3 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17314
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/login/h-login-dz-pt.jpg_.webp
163.171.140.79200 OK 14 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/login/h-login-dz-pt.jpg_.webp
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 386x148, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 340cc30694a2648c385af22148befacf
41548b74fb02e0f2efcf8eee6667d4eab8dcc5c0
132074201fdc95b8b90cf948fd242f636d20d5258e96c44538f96325bf4c7107
GET //cdn/1e3c3bF/site/home/login/h-login-dz-pt.jpg_.webp HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/webp
content-length: 13926
expires: Wed, 13 Sep 2023 15:22:24 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 13 Sep 2022 08:21:26 GMT
etag: "63203d86-3666"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 814790
via: 1.1 PS-000-01U4I88:7 (W), 1.1 PShlamstdAMS1se91:2 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17315
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/login/h-login-dz-fish.jpg_.webp
163.171.140.79200 OK 9.4 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/site/home/login/h-login-dz-fish.jpg_.webp
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 386x148, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 33d772c1348a1830e3da0a425be12373
2db90b1ee5077411bf7c67193d54baecb05da2b5
abf2f1e090a4d33412bb8166fd65542a01214935dedc9e517e90a41fde8bdec1
GET //cdn/1e3c3bF/site/home/login/h-login-dz-fish.jpg_.webp HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/webp
content-length: 9352
expires: Fri, 28 Jul 2023 05:07:36 GMT
server: PWS/8.3.1.0.8
last-modified: Mon, 25 Jul 2022 09:50:10 GMT
etag: "62de6752-2488"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 4912478
via: 1.1 PS-000-01cZq86:0 (W), 1.1 PShlamstdAMS1se91:18 (W)
x-px: ht PShlamstdAMS1se91AMS
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17316
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-429099ec.cd59d960.js
163.171.140.79200 OK 7.8 kB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/js/chunk-429099ec.cd59d960.js
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (7761), with no line terminators
Hash d0734d4246df69b91e4944fb2e72365e
5b17bcc9444d3c48fca13e1e42305b004a3c4073
3808eaa3c7a768c0d786cb69928edcaecf00b6076a31394826b3a3cfa51faa3c
GET //cdn/1e3c3bF/static/js/chunk-429099ec.cd59d960.js HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 7761
server: PWS/8.3.1.0.8
last-modified: Thu, 22 Sep 2022 09:36:24 GMT
etag: "632c2c98-1e51"
expires: Sat, 23 Sep 2023 01:42:14 GMT
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 PS-000-01erM87:5 (W), 1.1 PShlamstdAMS1se91:22 (W)
x-px: ms PShlamstdAMS1se91AMS,ms PS-000-01erM87000(origin)
x-ws-request-id: 632d0ef5_PShlamstdAMS1se91_20092-17285
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/PC%E5%AF%BC%E8%88%AA%E8%A3%85%E9%A5%B0.9e232949.gif
163.171.140.79200 OK 1.3 MB URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/img/PC%E5%AF%BC%E8%88%AA%E8%A3%85%E9%A5%B0.9e232949.gif
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type GIF image data, version 89a, 1920 x 75\012- data
Size 1.3 MB (1293869 bytes)
Hash c3def2e35b722a51ad5c5bce7e4450e4
4210d3b65a03a37a97ddd3e1e7f18d052c8cdea1
38fb5870538b14d6588fb1d5afe2fe0b808cc18be3d57ee7ccdd2f2f3c7b93d7
GET //cdn/1e3c3bF/static/img/PC%E5%AF%BC%E8%88%AA%E8%A3%85%E9%A5%B0.9e232949.gif HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: image/gif
content-length: 1293869
server: PWS/8.3.1.0.8
last-modified: Thu, 08 Sep 2022 05:32:33 GMT
etag: "63197e71-13be2d"
expires: Sat, 23 Sep 2023 01:42:14 GMT
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
via: 1.1 PSxgHKG8om130:8 (W), 1.1 PShlamstdAMS1cc96:19 (W)
x-px: ms PShlamstdAMS1cc96AMS,ms PSxgHKG8om130000(origin)
x-ws-request-id: 632d0ef6_PShlamstdAMS1se91_20092-17304
X-Firefox-Spdy: h2
1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-f73bb5d4.4afddd82.css
163.171.140.79200 OK 251 B URL HTTP/2 1e3c3bfront.hwlingjing.com//cdn/1e3c3bF/static/css/chunk-f73bb5d4.4afddd82.css
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with no line terminators
Hash 8a866f34f2005ac6f0e304a39a39fa16
15f8d8c7fd4f92122e0cdeb96ea34e193524693b
7de2c964f8535f20d141689ab2966ca1535a316f9b85345d9ef48cf6a67c4a5c
GET //cdn/1e3c3bF/static/css/chunk-f73bb5d4.4afddd82.css HTTP/1.1
Host: 1e3c3bfront.hwlingjing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.918cce.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 01:42:15 GMT
content-type: text/css
content-length: 251
expires: Wed, 20 Sep 2023 16:28:51 GMT
server: PWS/8.3.1.0.8
last-modified: Tue, 20 Sep 2022 02:25:50 GMT
etag: "632924ae-fb"
cache-control: max-age=31536000
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
age: 206004
via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1cc96:9 (W)
x-px: ht PShlamstdAMS1cc96AMS
x-ws-request-id: 632d0ef7_PShlamstdAMS1se91_20092-17338
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/queryVIPLine
103.118.81.7200 OK 16 kB URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/queryVIPLine
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash aa2bd5f25f84ca519ab0d2837ac328da
0962b147c0189a519115829ca87ce4ea0e416535
999a296375aa967e5004e794a24504ca90174c5d023278a88af034efa6e72b8c
POST /_glaxy_1e3c3b_/queryVIPLine HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 1b5f0ecc9f43c7d1ba11612d89540210
sign: 8c29e6492bb1cad487aa7ac7a8f1c2fc
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: route=98703b16c2533d2508f294194d49b283db3000b3; Domain=a01nepweb.bawinx.com; Path=/; HTTPOnly; Secure; HttpOnly
access-control-allow-headers: *
access-control-allow-method: *
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
1e3c3bfront.zcdiks.com/cdn/A01FP/externals/img/_wms/_l/form/form-2454-0-0ac3d25a85ef07619151f2e05a766529.png
163.171.140.79200 OK 8.0 kB URL HTTP/1.1 1e3c3bfront.zcdiks.com/cdn/A01FP/externals/img/_wms/_l/form/form-2454-0-0ac3d25a85ef07619151f2e05a766529.png
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type PNG image data, 154 x 145, 8-bit colormap, non-interlaced\012- data
Hash 0ac3d25a85ef07619151f2e05a766529
c4e6521a8171c70f5d214be3c68b90c6a01a1d57
7de60a1ba2c054f17d680b656fc8afa311c680eaa6895987b19703d24a7c8562
GET /cdn/A01FP/externals/img/_wms/_l/form/form-2454-0-0ac3d25a85ef07619151f2e05a766529.png HTTP/1.1
Host: 1e3c3bfront.zcdiks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 01:42:15 GMT
Content-Type: image/png
Content-Length: 8025
Connection: keep-alive
Expires: Wed, 20 Sep 2023 15:38:57 GMT
Server: PWS/8.3.1.0.8
Last-Modified: Thu, 30 Sep 2021 02:42:13 GMT
ETag: "61552405-1f59"
Cache-Control: max-age=31536000
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Age: 208998
Via: 1.1 PS-000-01LpH100:2 (W), 1.1 PShlamstdAMS1vj92:14 (W)
X-Px: ht PShlamstdAMS1vj92AMS
X-Ws-Request-Id: 632d0ef7_PShlamstdAMS1cc96_28477-56443
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/serverTime
103.118.81.7200 OK 1.2 kB URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/serverTime
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 4642b8c1e8eb55bdefdfe93ad729407c
09d0065df045891bce2fbcd0d4bbecdb2a63fb17
206f25ed393a228e0fc9a7b1ce609bea6b54d08aaf5e483f3ed51d919ae2db59
POST /_glaxy_1e3c3b_/_extra_/api/v1/serverTime HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 4035eced84092b2df96d9a1f29610aea
sign: 4c300f3ca7aef08b4a820093ec5325a4
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/qr-code HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: cceebbf270b8dbfefe5a29daec6fd727
sign: 7269c50ca7ca1dfe4cc9add87c6dea30
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 111
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/qr-code HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 7cb347b828802cb0164e1a368c48640b
sign: 1de11e532869dfdbcf58e8558190d639
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 111
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
set-cookie: NSC_JOwdw5eyc2u5h0sbcnafg3evdpzxfdB=ffffffff09f814a145525d5f4f58455e445a4a421488; Version=1; Max-Age=1200; path=/; HTTPOnly; Secure; httponly
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/activity/common-window/window-floating
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/activity/common-window/window-floating
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/activity/common-window/window-floating HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 2c36aeb6f8c0b9d6f71f1aee48ae3603
sign: 5b5a0ee31cb8c6df88e5a281b318d95a
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
set-cookie: NSC_JOwdw5eyc2u5h0sbcnafg3evdpzxfdB=ffffffff09f814a145525d5f4f58455e445a4a421488; Version=1; Max-Age=1200; path=/; HTTPOnly; Secure; httponly
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/getOTCStatus
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/getOTCStatus
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/getOTCStatus HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 0aef6c37405d674a89b93ef3f7bffb44
sign: c3d7aca63a5d7c7314bbccc88289f183
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
set-cookie: NSC_JOwdw5eyc2u5h0sbcnafg3evdpzxfdB=ffffffff09f814a145525d5f4f58455e445a4a421488; Version=1; Max-Age=1200; path=/; HTTPOnly; Secure; httponly
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/activity/money-rain/info
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/activity/money-rain/info
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/activity/money-rain/info HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: ffb281ad8531058a1a8990fd220698de
sign: 1adc6a352d94f67fa305a8051f5121dc
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
x-debug-activity-info-cache-key: ACTIVITY_INFO_CACHE_avrc5v3fldY
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/other/announcement/sports
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/other/announcement/sports
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/other/announcement/sports HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: ed563c6998bd8e69019347a8d69fb9a3
sign: 82934a0b89dba7745fe40b89e26baeb0
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
set-cookie: NSC_JOwdw5eyc2u5h0sbcnafg3evdpzxfdB=ffffffff09f8141d45525d5f4f58455e445a4a421488; Version=1; Max-Age=1200; path=/; HTTPOnly; Secure; httponly
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/qr-code HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 6e88939000378aa39f271769188d92e9
sign: 73b1656c3fd2e5620bf5a766352857a6
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 109
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
set-cookie: NSC_JOwdw5eyc2u5h0sbcnafg3evdpzxfdB=ffffffff09f814a145525d5f4f58455e445a4a421488; Version=1; Max-Age=1200; path=/; HTTPOnly; Secure; httponly
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/activity/common-window/window-popup
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/activity/common-window/window-popup
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/activity/common-window/window-popup HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 87387c5e4815ff6c0d9b85b328973b50
sign: 55fb95f4c5365673b32f42cae7d2e2c7
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
set-cookie: NSC_JOwdw5eyc2u5h0sbcnafg3evdpzxfdB=ffffffff09f8141d45525d5f4f58455e445a4a421488; Version=1; Max-Age=1200; path=/; HTTPOnly; Secure; httponly
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/qr-code HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 1e9430a86dbb9d7c50126b3666666c9e
sign: c524754d03336d3fd9473cbaf00a9d80
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 108
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/other/tiger/total-lottery-pool
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/other/tiger/total-lottery-pool
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/other/tiger/total-lottery-pool HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 3f1d64049bb00096a024f975f09dc29f
sign: 11ddab5620a1f4f09a981326f1ef5e32
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 60
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:15 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/wms/version
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/wms/version
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/wms/version HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 194f22e0964cce43b4efda0791989b6d
sign: db86bae4ba04575e09725345a46042dc
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 87
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
set-cookie: NSC_JOwdw5eyc2u5h0sbcnafg3evdpzxfdB=ffffffff09f814a145525d5f4f58455e445a4a421488; Version=1; Max-Age=1200; path=/; HTTPOnly; Secure; httponly
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/qr-code HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: a8e584f9c80a8767c37d299654a33dd7
sign: 0526a67f9c3c64bb1bef5fc712983b03
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 109
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/pointExchange/checkPointExchange
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/pointExchange/checkPointExchange
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/pointExchange/checkPointExchange HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 8b9ca4cc13a736b118672786ae01ffa7
sign: 9d76c3570e3d8cd685b43b087711d8d9
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 79
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: route=03e86f17cb62a8b85eb6674479fc88edd19086e0; Domain=a01nepweb.bawinx.com; Path=/; HTTPOnly; Secure; HttpOnly
access-control-allow-headers: *
access-control-allow-method: *
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/qr-code HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: acd1be32c2400654becf4a475c46453e
sign: 2a4a5cd6321f8dbea5f2a9fd49ea8bbf
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 109
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/?palcode=1007182765
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/?palcode=1007182765
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
GET /?palcode=1007182765 HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.aatgroup-th.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:11 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 21 Sep 2022 10:24:08 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"632ae648-3103"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
magic_string: 178aa526b36126fd25b8d3446d0c1d25
content-encoding: gzip
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/_extra_/api/v1/qr-code
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/_extra_/api/v1/qr-code HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: a599263926af97bbceba2e8a9345f3ca
sign: df658b477ee922da690428cc10b5c04a
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 109
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
x-powered-by:
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-expose-headers: Authorization, authenticated
access-control-allow-credentials: true
access-control-allow-headers: *, *
access-control-allow-method: *
access-control-allow-origin: *, *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/message/queryAnnounces
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/message/queryAnnounces
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/message/queryAnnounces HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 562a2607eec88fcb2f704fe6d9821a03
sign: cdc65cd30cd4a66d9a5b90b08515f867
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: route=b3615e93c4ae972aaa77dbb1e3585786866af550; Domain=a01nepweb.bawinx.com; Path=/; HTTPOnly; Secure; HttpOnly
access-control-allow-headers: *
access-control-allow-method: *
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.918cce.com/_glaxy_1e3c3b_/liveChatAddressOCSS
103.118.81.7200 OK 0 B URL HTTP/2 www.918cce.com/_glaxy_1e3c3b_/liveChatAddressOCSS
IP 103.118.81.7:0
ASN #137962 GREYPANEL PTE LTD
POST /_glaxy_1e3c3b_/liveChatAddressOCSS HTTP/1.1
Host: www.918cce.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
deviceId: 1486269205
v: 1.0.0
appId: 8884e7b128d948cbb51766f0e30bb888
token: 6sNvgv4wu0IvEovfodzBMQp/kO9ipodfig19UphzUfiPBtXgIc5h6RfItikUmF1Vt2dvXc5FUxk7S8w2El82jo+ILOHemKkJRNrub7Q2hMJgqxbyw7tYBQ==
qid: 15f84e18f943a7af6c79a293dc650237
sign: 77b7ede1369ca5d34bbccefd5f24f084
domainName: www.918cce.com
Content-Type: application/json;charset=utf-8
Content-Length: 48
Origin: https://www.918cce.com
Connection: keep-alive
Referer: https://www.918cce.com/home?palcode=1007182765
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.7
date: Fri, 23 Sep 2022 01:42:14 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: route=e9d92007ff91a32a0f2e7f7affa4878d158f35b8; Domain=a01nepweb.bawinx.com; Path=/; HTTPOnly; Secure; HttpOnly
access-control-allow-headers: *
access-control-allow-method: *
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2