Report - mygkw.com/

Report Overview

Submitted URL
mygkw.com/
IP
104.21.62.131
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-18 08:36:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
core.vchat.vn	281149	2020-06-19T06:45:06Z	2023-03-10T07:39:16Z	9.5 kB	859 kB	42.112.21.2
static.ladipage.net	149891	2017-02-02T11:19:13Z	2023-03-09T16:59:15Z	427 B	378 B	52.77.181.136
a.ladipage.com	59666	2020-08-14T04:05:09Z	2023-03-10T03:39:39Z	1.3 kB	6.6 kB	175.41.143.252
wss1.vchat.vn	253356	2020-06-19T06:45:07Z	2023-03-07T08:24:29Z	2.4 kB	913 B	42.112.21.2
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.1 kB	3.0 kB	54.230.245.110
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.8 kB	66 kB	34.120.237.76
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-10T05:16:10Z	348 B	1.2 kB	172.64.155.188
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.4 kB	4.9 kB	142.250.74.3
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	370 B	21 kB	142.250.74.174
www.taixiu.cc	unknown	2021-09-22T06:24:14Z	2023-01-28T17:02:49Z	458 B	1.1 kB	18.138.206.213
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.13.69.101
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	416 B	1.9 kB	142.250.74.10
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	1.4 kB	3.9 kB	172.64.155.188
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	1.5 kB	93 kB	216.58.207.195
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	2.5 kB	93.184.220.29
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
w.ladicdn.com	44911	2019-05-31T05:28:28Z	2023-03-10T03:39:36Z	14 kB	3.9 MB	138.199.37.231
mygkw.com	unknown	2017-07-23T11:01:04Z	2022-12-30T09:37:38Z	780 B	1.2 kB	104.21.62.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-18	medium	www.taixiu.cc/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22	1.8 kB	2023-03-11	2023-03-11
Pretty URL core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22 IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:54:01 Last Seen2023-03-11 13:54:01 Times Seen1 Hash 9f5378b4a36137253aad72d455b460cc 3226e5b9cc1f5244af68ffa6748203aa155bb3e3 2490a3050234dad70cd68461aad99028142ff1278fbfa3e5841c1767c506cb96 Loading...

	core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22	131 kB	2023-03-11	2023-03-11
Pretty URL core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22 IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:54:01 Last Seen2023-03-11 13:54:01 Times Seen1 Hash 177ed34e7d32068c34c8ed809512b77d 1bad7e8201acb9c75087cd5bdf6347a58d7c9f1b 8fd307624e9b34541807a65206bf37c787f52258be1ded93df655de25ded4fab Loading...

	www.taixiu.cc/	333 B	2023-03-07	2023-03-17
Pretty URL www.taixiu.cc/ IP 18.138.206.213 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:56 Last Seen2023-03-17 10:26:48 Times Seen1 Hash bf9f09fd3c104a6f08995db4fc26661b a5f57e6dbdf44f4b85a546321a6f1bc490c9833d 8115df4d1d9db4455da93f3172e77eb93b15c713b99d7b237c571b3788934e69 Loading...

	core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22	18 kB	2023-03-11	2023-03-11
Pretty URL core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22 IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:54:01 Last Seen2023-03-11 13:54:01 Times Seen1 Hash f3effbb77137ae808ce4c316cf3a1200 373600454be402ea1db6000e2189af80c1d93586 c5f350637137f4108c9aee51554a8e9805a7154563b24f4e6d50fe6864b04865 Loading...

	core.vchat.vn/assets/js/axios.min.js	14 kB	2023-03-07	2023-11-20
Pretty URL core.vchat.vn/assets/js/axios.min.js IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:17 Last Seen2023-11-20 03:50:12 Times Seen34 Hash 38d761de833dac4e6e929951cc8f1f1c b6f4033fb28206ea9018e22ab7c77038e7764478 7d950014f08aab41621a1cbcbeb06a9cde95c8bb4c70019e63f79c0193abad50 Loading...

	core.vchat.vn/code/socket.io.2.3.0.js	69 kB	2023-03-07	2023-11-20
Pretty URL core.vchat.vn/code/socket.io.2.3.0.js IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:17 Last Seen2023-11-20 03:50:12 Times Seen9 Hash 9d982cf80aa2a6e09d791809e48cd82f ed5bdb9f91879730e833f6b95f1960afd5a72c37 cc9c49fda0fdb365078fd84798f91fa86a3a93e942137c5f85b058e1f697e102 Loading...

	core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22	203 B	2023-03-07	2023-11-20
Pretty URL core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22 IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:17 Last Seen2023-11-20 03:50:12 Times Seen16 Hash 4743a1f02aa9a8d353e49b6a0645b3dd 90bef1aa0a6aed9dd7f7efa317d0caf55a5e2a18 c6cb7fd8d0184993acfd76d654ff8ad51e7d80317380b94ab786cabf6c934a47 Loading...

	mygkw.com/	643 B	2023-03-07	2023-03-17
Pretty URL mygkw.com/ IP 104.21.62.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:09:33 Last Seen2023-03-17 10:25:17 Times Seen1 Hash 9c6b3d4b132513ec5c06d8c47ed14dd7 a77a77951f836239cf6b4c3585d8fe9980176fdd 21154c67617686a95bab71f7412fe33eee2aaf02e1f5e670c1512221e8653163 Loading...

	www.taixiu.cc/	1.2 kB	2023-03-07	2023-12-21
Pretty URL www.taixiu.cc/ IP 18.138.206.213 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:23 Last Seen2023-12-21 05:00:07 Times Seen61 Hash 9e3f60a75e28b843c9e65af09e0ac529 61f639ec62c28e4fc7eba5727ee85f3d8bbf9426 4468dbebdc7ea3068aa10ef0b4abfb1e08494a3e6468258d931a6f9371553ada Loading...

	core.vchat.vn/assets/js/main.js?version=251291	38 kB	2023-03-10	2023-03-11
Pretty URL core.vchat.vn/assets/js/main.js?version=251291 IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:27:58 Last Seen2023-03-11 18:58:45 Times Seen1 Hash 5aeee45243d28f0e20c1852ecdfa0ff2 8b9ea7cfefc556c8c01fcb24c58ded4c71d1231c 2e57364db5f9a93c3c4cab67a67264cf5006619ae38c62bf018f23c0f851651b Loading...

	core.vchat.vn/assets/js/vue.2.3.js	255 kB	2023-03-07	2023-11-20
Pretty URL core.vchat.vn/assets/js/vue.2.3.js IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:17 Last Seen2023-11-20 03:50:12 Times Seen48 Hash f3304bbb2d5973eed6b0422a293c58b6 016775168e6a48b61a1009fb9bbf067b9add3dd4 b1ac0fd6c2e471a038610250580b636a16a6806e9bac699a209591858c037e7a Loading...

	w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661321691911	342 kB	2023-03-11	2023-03-12
Pretty URL w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661321691911 IP 138.199.37.231 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:41:33 Last Seen2023-03-12 18:46:08 Times Seen1 Hash d1f825e4d997d9c72d22637df4cb634e 47d5894b461a3937e90b1402eac2b5285f419e2d 468c71039f833d1e6f05b65cbc2594ef47b9e713487c8f741549763839936635 Loading...

	core.vchat.vn/code/tracking.js	41 kB	2023-03-07	2023-03-17
Pretty URL core.vchat.vn/code/tracking.js IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:17 Last Seen2023-03-17 12:30:36 Times Seen1 Hash 6fd89afdd10d6e2e6b8f7064d471ed1b b3692a65b744128f784fe288974c1b48eea04c7a 837f0647359c3d60e5d675a2d360e979b43ed72b343f72c1e8c13bacb9c001b4 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 07:47:47 Times Seen1515 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.taixiu.cc/	2.0 kB	2023-03-07	2024-01-27
Pretty URL www.taixiu.cc/ IP 18.138.206.213 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:23 Last Seen2024-01-27 12:53:40 Times Seen113 Hash b4f464ea238ee6ca0f3e57b7a731bf67 644f832179a4c61f57ca517ae3a49c2599f4218b 3ecb157c74b1ef08a3e06e515e44ed8e3c49d647c08ae887564689ce5d282199 Loading...

	core.vchat.vn/assets/js/jquery.js	93 kB	2023-03-07	2024-04-14
Pretty URL core.vchat.vn/assets/js/jquery.js IP 42.112.21.2 ASN #18403 FPT Telecom Company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:17 Last Seen2024-04-14 22:05:10 Times Seen218 Hash 1d14cd3798bc4d6aaf65dd625870723f 0809f9f5caa2642b9dea8bf59133180bfd7c1d6f 04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83 Loading...

	www.googletagmanager.com/gtag/js?id=UA-167885744-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-167885744-1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:54:01 Last Seen2023-03-11 13:54:01 Times Seen1 Hash b450498f2e4fdad390f9635ff365fde3 b9a40c8b8407974b9d70bac5e36b17411551f844 e65b248499fea9cd374e842eca483abc99af05cb24860b3695c8af3ac17c625c Loading...

HTTP Transactions (97)

URL IP Response Size

mygkw.com/

104.21.62.131

301 Moved Permanently

0 B

URL HTTP/1.1
mygkw.com/
IP
104.21.62.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: mygkw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 08:36:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Nov 2022 09:36:23 GMT
Location: https://mygkw.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdT95txT8yqovJuzNxW29C6KXaL8fI7SYf5knwIzNOG7sPr0rm7qwztJ0T974b7QAINUGLY3xXDYaJgNQY36YLkjOnxw01MlbaD8avTvBg38OX61Gii0hzhihZE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bf60ce7af6b4e8-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5142
Expires: Fri, 18 Nov 2022 10:02:05 GMT
Date: Fri, 18 Nov 2022 08:36:23 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5699
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:23 GMT
Last-Modified: Fri, 18 Nov 2022 07:01:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 07:44:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3097
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Fri, 18 Nov 2022 11:03:15 GMT
Date: Fri, 18 Nov 2022 08:36:23 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: C6RMBuA24NcNiplLCbzEDcT2wPd6DIJ8KoW4BKaonPdVJ1053uESReznlNAlUcTQXEKU6S/TxoE=
x-amz-request-id: BDM92PR8WYDMYMQJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 08:15:31 GMT
age: 1252
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 08:36:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f8e70192cb1ed1cb2ba9ec92ed78ac36
4b2375368d2bc9ecda11300cb4e161807c038884
e042e016410a6b43645ab8073d380641a98b07677352dd7a55e68708aadf68d8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:23 GMT
Server: ECS (amb/6BA0)
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 08:25:01 GMT
cache-control: public,max-age=3600
age: 683
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2193
Cache-Control: max-age=90424
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:24 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 09:43:28 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.13.69.101

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.69.101:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: l+R2BiWjUSJ8DXEilGnm6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IgzVAXRTCca5xyMPmsc8c01Nv9Q=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f8e70192cb1ed1cb2ba9ec92ed78ac36
4b2375368d2bc9ecda11300cb4e161807c038884
e042e016410a6b43645ab8073d380641a98b07677352dd7a55e68708aadf68d8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:24 GMT
Last-Modified: Fri, 18 Nov 2022 08:36:23 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8109
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:36:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8109
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:36:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8109
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:36:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8109
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:36:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8109
Expires: Fri, 18 Nov 2022 10:51:34 GMT
Date: Fri, 18 Nov 2022 08:36:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8644 bytes)
Hash
6672a5b26995975d4c7a589daf121490
b48bffb7c716db7c05dc2e74ffbc49f89e7f4c24
8d23d01e100d958dc1ae0f8f3cd39c2bc40c19c75a560c4df5ba9ce1de247615

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: 989e9461-ddcc-4a41-8d88-d86dfa891899
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9UqERtoAMFUow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ea-40b5695c1a052c3a0bd03458;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j-FsOPbQyKGUzW06HOBWpRb-VIB6dSNf2Dja2ZwtbQaOFs6aJ7MXqw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:43 GMT
age: 38442
etag: "b48bffb7c716db7c05dc2e74ffbc49f89e7f4c24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 00:26:57 GMT
age: 29368
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b71261-68cc-40d8-9fce-033095c5889d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9661 bytes)
Hash
f22c78eb5d83b4a108e0fff0806ff1a1
7e246b0b4697140ae7429aeff92aa16ab88dd6f6
1afadc1fb89b5a321e067893609c154b6d7dbd39123d15883c799aab6214cd4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b71261-68cc-40d8-9fce-033095c5889d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9661
x-amzn-requestid: dcff71d8-a6ac-45f2-acc1-e14314334495
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7RHGAIAMFSOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7b-3598a746247615de161878e3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:31 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nNm3mly0cy8etL6Tg2gC2jpSc37d77L8rNny7C5fSTG2jn4zRo04lg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:49:45 GMT
age: 38800
etag: "7e246b0b4697140ae7429aeff92aa16ab88dd6f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fbf7ad1-f536-481b-91fe-0e65845dad31.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8559 bytes)
Hash
51c1a0b8637b851bf02afce33a15dfb3
6aef47d81c072d0d9f7bded7b4bb7175933d76af
db90e1eceac1670eb45658faf77f8bc72135c3bd22cf05b6bfc1387a4c8cf395

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fbf7ad1-f536-481b-91fe-0e65845dad31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8559
x-amzn-requestid: 9bc8f5f4-568b-44a0-9266-a5ebb9f3ceed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9VKG0SIAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ed-5ec6d8885576a25859ad483d;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: puLTV7v-ncJoL050akwZDm8Tv_G2tkUsidTa3aBhC_jJKyra-6BzIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:53 GMT
age: 38612
etag: "6aef47d81c072d0d9f7bded7b4bb7175933d76af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591858fd-bcb1-4a79-bff2-51b044b4fbb0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8108 bytes)
Hash
58e93b8944e96f1c5cd61caa7829ca96
c90e73a1a1ecf67e5e0bd374ae37d04caa3bb1c1
b38ee82e01744e77f69be21470d7a864a366a9c94c6c8dd9adf1877ad99199ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F591858fd-bcb1-4a79-bff2-51b044b4fbb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8108
x-amzn-requestid: b0579a2a-5b57-40cb-9ab5-1ed1a58ca1fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MNGLUIAMFp7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa4d-6aeb306b0e99303639416188;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D4wOoPonIvKX3I2cZNfRmhzJCCTTvVJ6lIttSFsG8jB2hUXQ_AO9Ig==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:04:41 GMT
age: 37904
etag: "c90e73a1a1ecf67e5e0bd374ae37d04caa3bb1c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4310 bytes)
Hash
292dc2edef978e128f70b96ee4b2b3e2
1530f860e2b54b7b382f59654db63eaed59c5f95
f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C8hVBVyCgsK-mT6_PXr68AjfNsNPGqD_TWBEwNlyY_Nur_RgB5aE3w==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:42:15 GMT
age: 35650
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
b8ef4fe56810ae3771a3c94ff8f3e6bd
7d946214ed8fb0851a37599d4760d9e9d71cbee6
56d7b74f4e1490efd480005e527566d0d3e5cb0d1a30bb105ab59accd6013643

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:36:27 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 06:53:12 GMT
Expires: Fri, 25 Nov 2022 06:53:11 GMT
Etag: "7d946214ed8fb0851a37599d4760d9e9d71cbee6"
Cache-Control: max-age=598003,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bf60e759830b69-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap

142.250.74.10

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open%20Sans:bold,regular&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1127 bytes)
Hash
7011577254f40fc002c68a424ff56dad
23bd34c879af4728401b9a2f9f66c380a66916e8
f39f1fe67393cae71ff8eb8a3db78787404e1d782de4e8f0aea0fc1636cfc882

HTTP Headers

GET /css?family=Open%20Sans:bold,regular&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 08:36:28 GMT
date: Fri, 18 Nov 2022 08:36:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6d5ea5106158c5be58fbe119eeb374fe
1be460ce0ad1f043b0fd277cc3f778ff67377604
a0602960b14ec36322d96de66ab688b862cb578976fba858cf2f0a886da74d87

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:36:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 02:15:27 GMT
Expires: Thu, 24 Nov 2022 02:15:26 GMT
Etag: "1be460ce0ad1f043b0fd277cc3f778ff67377604"
Cache-Control: max-age=494937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bf60ec2b02b4fd-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6d5ea5106158c5be58fbe119eeb374fe
1be460ce0ad1f043b0fd277cc3f778ff67377604
a0602960b14ec36322d96de66ab688b862cb578976fba858cf2f0a886da74d87

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:36:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 02:15:27 GMT
Expires: Thu, 24 Nov 2022 02:15:26 GMT
Etag: "1be460ce0ad1f043b0fd277cc3f778ff67377604"
Cache-Control: max-age=494937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bf60ed8c8eb4fd-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 05:42:51 GMT
expires: Fri, 17 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 96817
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Size
31 kB (31320 bytes)
Hash
3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:57:58 GMT
expires: Tue, 14 Nov 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 308310
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/zl-20220526032409.png

138.199.37.231

200 OK

3.9 kB

URL HTTP/2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/zl-20220526032409.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Size
3.9 kB (3886 bytes)
Hash
64c0cf683634a67cb36865c841c5b397
e81e874529db1e057888b7cb4bc3bc95fa2e42c7
4906b47508abe50380ba842c6fc06cc9ac1f3931f0e3623688121847e361b97c

HTTP Headers

GET /s400x400/61416d65d1330500bc1e1272/zl-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 3886
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1642-f2e"
last-modified: Thu, 26 May 2022 05:55:14 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 08:06:00
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: d484b98b361fd4a88695793817dad400
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s450x350/61416d65d1330500bc1e1272/ios_tai-app-20220525070238.png

138.199.37.231

200 OK

694 B

URL HTTP/2
w.ladicdn.com/s450x350/61416d65d1330500bc1e1272/ios_tai-app-20220525070238.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 93 x 25, 8-bit colormap, non-interlaced\012- data
Size
694 B (694 bytes)
Hash
6c4d93747920110fb1e88bf953fd56f5
738f85a88a172ed6cd3adfc648e0cbfcdc7afc88
d07134fe4e4d46225e199b0b84feb6c08986dededf2b2d0d865bdefbcef99479

HTTP Headers

GET /s450x350/61416d65d1330500bc1e1272/ios_tai-app-20220525070238.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 694
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628dd734-2b6"
last-modified: Wed, 25 May 2022 07:13:56 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: cbb17aff4c695cc24d7985da9f7dad7d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s750x400/61416d65d1330500bc1e1272/nut_vui-cuoc-to-20220525012005.png

138.199.37.231

200 OK

5.7 kB

URL HTTP/2
w.ladicdn.com/s750x400/61416d65d1330500bc1e1272/nut_vui-cuoc-to-20220525012005.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 355 x 71, 8-bit colormap, non-interlaced\012- data
Size
5.7 kB (5728 bytes)
Hash
3e1238d0294a049de1bdfd27e8e28b0b
2db3ad62411833a174962d3d3981fed18f1459a8
6849f341e8f3fc93ff82dee9099c7f73facb317120dbdc3c9d1e206ea3c72e9d

HTTP Headers

GET /s750x400/61416d65d1330500bc1e1272/nut_vui-cuoc-to-20220525012005.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 5728
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628d84e1-1660"
last-modified: Wed, 25 May 2022 01:22:41 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/12/2022 06:09:44
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: 6a50ac84ce61cb3cc278e9b3f260caba
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_adroind_nhacaisodo_net-20220526052018.png

138.199.37.231

200 OK

8.7 kB

URL HTTP/2
w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_adroind_nhacaisodo_net-20220526052018.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 180 x 179, 8-bit colormap, non-interlaced\012- data
Size
8.7 kB (8692 bytes)
Hash
162f2251eebcbdb877db7fc4ad752a6b
26290d778dded23b5665412adfe20cad1249d2c7
618b9191b587042d5bf8f8fa7ca1fdce298946ffa0cd8099ec5c74f4a9540adc

HTTP Headers

GET /s500x500/61416d65d1330500bc1e1272/qr_adroind_nhacaisodo_net-20220526052018.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 8692
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1001-21f4"
last-modified: Thu, 26 May 2022 05:28:33 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 28929974e087148b84cc56154719583d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_ios_nhacaisodo_net-20220526052024.png

138.199.37.231

200 OK

8.6 kB

URL HTTP/2
w.ladicdn.com/s500x500/61416d65d1330500bc1e1272/qr_ios_nhacaisodo_net-20220526052024.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 180 x 179, 8-bit colormap, non-interlaced\012- data
Size
8.6 kB (8555 bytes)
Hash
3307ad82e7211d0da7b15385afb8daa4
438969ca7b72b0762df3937a84604bef76ffb563
3eb1cfcb5740da1455d4c1102bd9c599fbcf846f8e6fca4132c6c8e54b57a9d0

HTTP Headers

GET /s500x500/61416d65d1330500bc1e1272/qr_ios_nhacaisodo_net-20220526052024.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 8555
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1001-216b"
last-modified: Thu, 26 May 2022 05:28:33 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 08:06:00
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: dae860234b23fdffeaf9ce68304245d2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s500x350/61416d65d1330500bc1e1272/android_tai-app-20220525070229.png

138.199.37.231

200 OK

840 B

URL HTTP/2
w.ladicdn.com/s500x350/61416d65d1330500bc1e1272/android_tai-app-20220525070229.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 129 x 25, 8-bit colormap, non-interlaced\012- data
Size
840 B (840 bytes)
Hash
b3311c6d86c02499a7e0c2e9569cfd33
65b03464a7b0157e23b6d34d0444e3007e50dabd
8906e1658e5b842f8648363325b8e6e6752ddb8a0009e9c534e504eae0f60d9d

HTTP Headers

GET /s500x350/61416d65d1330500bc1e1272/android_tai-app-20220525070229.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 840
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628dd736-348"
last-modified: Wed, 25 May 2022 07:13:58 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 08:06:00
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requestid: 08cc1f88dc175fd7bb198992cd691c6b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/61416d65d1330500bc1e1272/button_km-20220526124706.gif

138.199.37.231

200 OK

9.2 kB

URL HTTP/2
w.ladicdn.com/61416d65d1330500bc1e1272/button_km-20220526124706.gif
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
GIF image data, version 89a, 219 x 80\012- data
Size
9.2 kB (9160 bytes)
Hash
62ba21a813da9b8dd1f4ddc57c61e419
1d9912ddf99b105b860190e8dee972f8d7abd458
823e7d68d1f8be8a2b5b6e7fecd1bfaad900c635942f5015299ed34b14979761

HTTP Headers

GET /61416d65d1330500bc1e1272/button_km-20220526124706.gif HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/gif
content-length: 9160
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f76d0-23c8"
last-modified: Thu, 26 May 2022 12:47:12 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/15/2022 11:58:52
cdn-edgestorageid: 1053
cdn-status: 200
cdn-requestid: c8d7e401dbc2405fe67355628fece0dc
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/61416d65d1330500bc1e1272/header_bar_dang-ky-20220525031433.png

138.199.37.231

200 OK

5.8 kB

URL HTTP/2
w.ladicdn.com/61416d65d1330500bc1e1272/header_bar_dang-ky-20220525031433.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Size
5.8 kB (5783 bytes)
Hash
c3130ec32adc60f7bcb5f8f02158b625
f7180a087996db9ea96ec45d29c089c637d43a39
4f51cd308b5798c5d3ff7fb06d8f4f8fdb5ff145337922cfc3dbb9f26c598e72

HTTP Headers

GET /61416d65d1330500bc1e1272/header_bar_dang-ky-20220525031433.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 5783
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628db204-1697"
last-modified: Wed, 25 May 2022 04:35:16 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/06/2022 00:42:38
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 1430fa78ea98f3ea35089067fda1aa5c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ytb-20220526032409.png

138.199.37.231

200 OK

3.7 kB

URL HTTP/2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/ytb-20220526032409.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Size
3.7 kB (3729 bytes)
Hash
bb60e6f09dae29a47a35011a9c1f4731
cd297a5eabeda099dc2a9f8f73fe0191ab6819ff
733ffc68c2639674c5af10ee19b9db4e7c7c05417151483a4bbd9cc09b969ea7

HTTP Headers

GET /s400x400/61416d65d1330500bc1e1272/ytb-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 3729
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ef934-e91"
last-modified: Thu, 26 May 2022 03:51:16 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/12/2022 06:09:44
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: 157d0c7f39603f5f8351b7b9c10fd284
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

w.ladicdn.com/s800x400/61416d65d1330500bc1e1272/buttons3-20220525031506.png

138.199.37.231

200 OK

6.6 kB

URL HTTP/2
w.ladicdn.com/s800x400/61416d65d1330500bc1e1272/buttons3-20220525031506.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 466 x 83, 8-bit colormap, non-interlaced\012- data
Size
6.6 kB (6551 bytes)
Hash
e47bfb72e7c00792d9de5afd6b033b31
0f5a855ec2816b4d84549a4c9e0812df5c88fd4d
974e2114267b4936e03a8a9aaecbc26e1a336d44c42f1eaa0bc61ab2da78897e

HTTP Headers

GET /s800x400/61416d65d1330500bc1e1272/buttons3-20220525031506.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 6551
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628debb4-1997"
last-modified: Wed, 25 May 2022 08:41:24 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 09c01db3d3b4d251e840f9c8151d317f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/tl-20220526032409.png

138.199.37.231

200 OK

3.8 kB

URL HTTP/2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/tl-20220526032409.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Size
3.8 kB (3762 bytes)
Hash
451920cc12b2c366df1e1b7e55ec1d39
a38089ad57231f106ffbeb8bd155c6b59f47a6fe
a952ba87255df9b6178008f62d3b96bebe350eaeaf2faf8daf298ffa99d72e94

HTTP Headers

GET /s400x400/61416d65d1330500bc1e1272/tl-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 3762
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ef4f5-eb2"
last-modified: Thu, 26 May 2022 03:33:09 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/11/2022 02:45:18
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requestid: 89eee1f17828b7c8c644d1031bf1a567
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/fb-20220526032409.png

138.199.37.231

200 OK

3.1 kB

URL HTTP/2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/fb-20220526032409.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 82 x 82, 8-bit colormap, non-interlaced\012- data
Size
3.1 kB (3114 bytes)
Hash
4ceeafb6b78dca1b9ed4778b8711cb00
ff2bed742920a3b87dc1e0ec9eb350117f7ca349
69a76819308e905e16804ac84f44f2291184426a745328af2a67329522c8e406

HTTP Headers

GET /s400x400/61416d65d1330500bc1e1272/fb-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 3114
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ef4f5-c2a"
last-modified: Thu, 26 May 2022 03:33:09 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 30beb748d79f96d01479df123aecbce6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/web-20220526032409.png

138.199.37.231

200 OK

3.3 kB

URL HTTP/2
w.ladicdn.com/s400x400/61416d65d1330500bc1e1272/web-20220526032409.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 83 x 83, 8-bit colormap, non-interlaced\012- data
Size
3.3 kB (3285 bytes)
Hash
1fc8bc4f609b8531706b996043968d91
12c848d78a2caf3d0ca2fffb32605bcb40ff1ed0
0a22796c499879543057d06cc5435040f5f5d1771f91a863156d6e20c2115cd7

HTTP Headers

GET /s400x400/61416d65d1330500bc1e1272/web-20220526032409.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 3285
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628f1644-cd5"
last-modified: Thu, 26 May 2022 05:55:16 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 01:20:36
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requestid: 7f0e3e9a3615ece6f8ee2076e5729044
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_trang-chu-20220524134034.png

138.199.37.231

200 OK

5.2 kB

URL HTTP/2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_trang-chu-20220524134034.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5246 bytes)
Hash
ba648feb5171f1c327cd1717da2beaaa
d10f46fda68968a36375d4b68852ca92f7014e9f
68911e0f0677178e20d0a3c8e0637bd1643e31e4857a9493ad9c3d9c912a45b1

HTTP Headers

GET /s450x400/61416d65d1330500bc1e1272/header_bar_trang-chu-20220524134034.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 5246
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0e0-147e"
last-modified: Tue, 24 May 2022 13:42:56 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 5f98a75793c55a1574aafbc5326fd8ec
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-ky-20220524133942.png

138.199.37.231

200 OK

5.2 kB

URL HTTP/2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-ky-20220524133942.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5163 bytes)
Hash
d706e902c0353d33b8ac9c2c1fe5bac1
48d53f3ae42af7d0429bfc401266e3140ff73b9d
ea6909da24f92478e26a73b856894f7fd30131644444927dcb838674f22c6582

HTTP Headers

GET /s450x400/61416d65d1330500bc1e1272/header_bar_dang-ky-20220524133942.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 5163
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0de-142b"
last-modified: Tue, 24 May 2022 13:42:54 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/11/2022 03:01:01
cdn-edgestorageid: 1048
cdn-status: 200
cdn-requestid: 4a9d899c8a69d714f93f9324eb22f6a1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_cskh-24-7-20220524133839.png

138.199.37.231

200 OK

5.2 kB

URL HTTP/2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_cskh-24-7-20220524133839.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5163 bytes)
Hash
3a0d63a04c394cca05f996c2ec2e1c8f
7d5f74c8171e760aa16fc96158b0d161dc47b54d
06e45b7aa155cd222970b7de458a0a74c88f1fea068ae02c88adea23dfca897b

HTTP Headers

GET /s450x400/61416d65d1330500bc1e1272/header_bar_cskh-24-7-20220524133839.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 5163
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0db-142b"
last-modified: Tue, 24 May 2022 13:42:51 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 78aab13a2cf6358531b89fcd66b766bc
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-nhap-20220524133952.png

138.199.37.231

200 OK

5.3 kB

URL HTTP/2
w.ladicdn.com/s450x400/61416d65d1330500bc1e1272/header_bar_dang-nhap-20220524133952.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 219 x 80, 8-bit colormap, non-interlaced\012- data
Size
5.3 kB (5322 bytes)
Hash
99b2f08de0d2872150139e5ab8df3f89
8333d52f28f8d198fa85c369ecc3faa7eb64efa7
859fa5fe3c02407733868fa37936580db9d156a7eac86c5d2ba930c36aae602a

HTTP Headers

GET /s450x400/61416d65d1330500bc1e1272/header_bar_dang-nhap-20220524133952.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 5322
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce0dc-14ca"
last-modified: Tue, 24 May 2022 13:42:52 GMT
cdn-storageserver: NY-426
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/11/2022 02:45:18
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requestid: 6979a61ab3d3b6db9a13eabcf67e3e14
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s950x600/61416d65d1330500bc1e1272/khung-20220524133815.png

138.199.37.231

200 OK

27 kB

URL HTTP/2
w.ladicdn.com/s950x600/61416d65d1330500bc1e1272/khung-20220524133815.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 600 x 260, 8-bit colormap, non-interlaced\012- data
Size
27 kB (27016 bytes)
Hash
32097a3bdb2013f9e28c059f67df99fd
138c3da440eb49aae5f9381defadbe14e77efedb
68856b1c06dd9cbb247f178445bb52158389c00b123f91182fab5c7695cd5eec

HTTP Headers

GET /s950x600/61416d65d1330500bc1e1272/khung-20220524133815.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 27016
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628ce5a8-6988"
last-modified: Tue, 24 May 2022 14:03:20 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/25/2022 05:50:40
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: c3600130c149ef0119746f8e626fccbe
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s2350x450/61416d65d1330500bc1e1272/i-topbg2_01-20220522085752.png

138.199.37.231

200 OK

43 kB

URL HTTP/2
w.ladicdn.com/s2350x450/61416d65d1330500bc1e1272/i-topbg2_01-20220522085752.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 1920 x 124, 8-bit colormap, non-interlaced\012- data
Size
43 kB (42606 bytes)
Hash
98dffa49fda78e28eae09e1c34350bda
63c8e712cfbe27eec16645cc21fd14d142217fcc
7665dde099f89d4b2dd919576c66280c912f71297fbf37b8719b86c6b84f1776

HTTP Headers

GET /s2350x450/61416d65d1330500bc1e1272/i-topbg2_01-20220522085752.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 42606
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628a0124-a66e"
last-modified: Sun, 22 May 2022 09:23:48 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:37
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 958744b3306a620626c73e746aff6b10
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s2750x450/61416d65d1330500bc1e1272/i-footer-bg_02-20220522085752.png

138.199.37.231

200 OK

46 kB

URL HTTP/2
w.ladicdn.com/s2750x450/61416d65d1330500bc1e1272/i-footer-bg_02-20220522085752.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 1920 x 81, 8-bit colormap, non-interlaced\012- data
Size
46 kB (46470 bytes)
Hash
81c876d021e2ba5f38cdb690f240a38b
8f9b4d5fd377c7cd9eaeda081a15b6ad5ae814d3
a859c251119118312475dbea57b2db38e34126aee276af520dadd97b638726cc

HTTP Headers

GET /s2750x450/61416d65d1330500bc1e1272/i-footer-bg_02-20220522085752.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 46470
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628a0122-b586"
last-modified: Sun, 22 May 2022 09:23:46 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:54
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 4f0abecf1b748d82017444a6a21b7416
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

216.58.207.195

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14040, version 1.0\012- data
Size
14 kB (14040 bytes)
Hash
eadd44d829d43ddf48870c2073f1a7ca
fc04b04f37e0988001c81be96bca33c4d866450f
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:11:26 GMT
expires: Fri, 17 Nov 2023 21:11:26 GMT
cache-control: public, max-age=31536000
age: 41102
last-modified: Mon, 15 Aug 2022 18:14:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

w.ladicdn.com/s600x400/61416d65d1330500bc1e1272/chu-20211203021229.png

138.199.37.231

200 OK

51 kB

URL HTTP/2
w.ladicdn.com/s600x400/61416d65d1330500bc1e1272/chu-20211203021229.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 497 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (50624 bytes)
Hash
fabf0514b44c2005395ecad87f203ef8
6bd9b60410f8e35e12d5f14154f29766f5587580
83af20694b0ba3483e18372bdc3e3975634a0646a2a4ef68b87ab0d46579ffeb

HTTP Headers

GET /s600x400/61416d65d1330500bc1e1272/chu-20211203021229.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 50624
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "6291ade8-c5c0"
last-modified: Sat, 28 May 2022 05:06:48 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 08:06:00
cdn-edgestorageid: 1047
cdn-status: 200
cdn-requestid: 61b1051cf714420c1b8b33658ef8f632
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s1050x550/61416d65d1330500bc1e1272/text_woldcup-4-20220525013140.png

138.199.37.231

200 OK

66 kB

URL HTTP/2
w.ladicdn.com/s1050x550/61416d65d1330500bc1e1272/text_woldcup-4-20220525013140.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 800 x 280, 8-bit colormap, non-interlaced\012- data
Size
66 kB (66023 bytes)
Hash
39127040c901d0d05c45ccfc328b6d80
72e8e3148f902e62375ae2c133cc5258571f8d6c
40a498a3f614789c0107010a582aa94069e9f6bd489929626f6a6ee6521259af

HTTP Headers

GET /s1050x550/61416d65d1330500bc1e1272/text_woldcup-4-20220525013140.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 66023
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628d8761-101e7"
last-modified: Wed, 25 May 2022 01:33:21 GMT
cdn-storageserver: NY-426
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 08:06:00
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: d6a7bf56692d26493beb4d09b44ebf58
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s550x450/61416d65d1330500bc1e1272/light-20220525074907.png

138.199.37.231

200 OK

94 kB

URL HTTP/2
w.ladicdn.com/s550x450/61416d65d1330500bc1e1272/light-20220525074907.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 800 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size
94 kB (93656 bytes)
Hash
ea02e011b6b041b6d71e07c022a29d1f
0d2871dc17ec73723ed4721b0136865700725cbf
c48a534e1ea06d9ed1ec3219a16a30acfaf8d057215d80505ac0869a62ac9895

HTTP Headers

GET /s550x450/61416d65d1330500bc1e1272/light-20220525074907.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 93656
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628de16f-16dd8"
last-modified: Wed, 25 May 2022 07:57:35 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/12/2022 06:09:44
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: 4f9b45e1a256cef57d3448f8d161c8f7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s900x800/61416d65d1330500bc1e1272/b73517df090300fd-20220517100602.png

138.199.37.231

200 OK

125 kB

URL HTTP/2
w.ladicdn.com/s900x800/61416d65d1330500bc1e1272/b73517df090300fd-20220517100602.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
RIFF (little-endian) data, Web/P image\012- data
Size
125 kB (125074 bytes)
Hash
eaba5570e4a4ce51e7bacdbb845c8c5b
8d5e2dc7d33e7a74b2b9f14b9b43f233336807f6
e694792d1717d096965b11f75a548787c263dfdd1b90825b1019dd5317017ed5

HTTP Headers

GET /s900x800/61416d65d1330500bc1e1272/b73517df090300fd-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 125074
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628376c8-1e892"
last-modified: Tue, 17 May 2022 10:19:52 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/11/2022 03:01:01
cdn-edgestorageid: 1048
cdn-status: 200
cdn-requestid: 5a4e12b5e53407befa59842f90ad26d2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/f4cd4605646e8f45-20220517100602.png

138.199.37.231

200 OK

170 kB

URL HTTP/2
w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/f4cd4605646e8f45-20220517100602.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
RIFF (little-endian) data, Web/P image\012- data
Size
170 kB (170074 bytes)
Hash
9e8377942515de197f6aff88df17e19c
15d00c5abd294ccca365e03487903d90fa7aceaf
a7619024b92a853d0eebc9e6e03ccfca47b966ed223cf5f21ae67e3b509df433

HTTP Headers

GET /s950x800/61416d65d1330500bc1e1272/f4cd4605646e8f45-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 170074
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628b4e7b-2985a"
last-modified: Mon, 23 May 2022 09:06:03 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2022 16:39:37
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: d2b8dc0aa7750abdf3cb528151cdca18
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s900x750/61416d65d1330500bc1e1272/7812f3937d38b1e1-20220517100602.png

138.199.37.231

200 OK

256 kB

URL HTTP/2
w.ladicdn.com/s900x750/61416d65d1330500bc1e1272/7812f3937d38b1e1-20220517100602.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
RIFF (little-endian) data, Web/P image\012- data
Size
256 kB (256498 bytes)
Hash
9170d1c2555543cb6f0f24d622259751
15caf7ac3ad35692bf443c46465a583dbab884d4
5574e15c03a9bbbb668fe241e39b2a0b01cc621320dc35ebee10efbd541bdb0b

HTTP Headers

GET /s900x750/61416d65d1330500bc1e1272/7812f3937d38b1e1-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 256498
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628376c9-3e9f2"
last-modified: Tue, 17 May 2022 10:19:53 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/12/2022 06:09:44
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: 3a55b7f905d0a07a2001557502b03a40
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s1150x400/61416d65d1330500bc1e1272/footer-20220816033838.png

138.199.37.231

200 OK

444 kB

URL HTTP/2
w.ladicdn.com/s1150x400/61416d65d1330500bc1e1272/footer-20220816033838.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 1920 x 210, 8-bit/color RGBA, interlaced\012- data
Size
444 kB (443643 bytes)
Hash
021020b7589e05f0768da5c12ee11068
9807bce98b0a4065107cc6f00ac3a436b0a489cc
a55c01fc8902e2716b93bb0d805003244d68e6c7b46ba7ad62905ba9d3bf6aec

HTTP Headers

GET /s1150x400/61416d65d1330500bc1e1272/footer-20220816033838.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 443643
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "62fb1801-6c4fb"
last-modified: Tue, 16 Aug 2022 04:07:29 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2022 23:37:58
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: fe620210becb6946ff92da3a5ad2622b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s2350x1250/61416d65d1330500bc1e1272/body-bg3-20220522085751.png

138.199.37.231

200 OK

1.5 MB

URL HTTP/2
w.ladicdn.com/s2350x1250/61416d65d1330500bc1e1272/body-bg3-20220522085751.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced\012- data
Size
1.5 MB (1519346 bytes)
Hash
f560c1c77e36101bf72efbf7950c336a
61b1bf00c85146cd00b1a784fbd3b58bd1112922
67b9ed602d43d7918ecf9ffd90a3af331108579a75a216a38882c9e242e52161

HTTP Headers

GET /s2350x1250/61416d65d1330500bc1e1272/body-bg3-20220522085751.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 1519346
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628c51fe-172ef2"
last-modified: Tue, 24 May 2022 03:33:18 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 8db22c8ed1ff5cf52690b3f2be73bd8f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

w.ladicdn.com/s950x950/61416d65d1330500bc1e1272/i-right-pic-20220522085931.png

138.199.37.231

200 OK

947 kB

URL HTTP/2
w.ladicdn.com/s950x950/61416d65d1330500bc1e1272/i-right-pic-20220522085931.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type
PNG image data, 800 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size
947 kB (946558 bytes)
Hash
4ed2855a8c9a8404e58d034f2384d87f
8a42a93792d23d38a31264eeb62775cf69153e80
6af600b6b456ff5afe7181c08a4e5d46a58fc92ec23aae63f6bb69e44c8290e3

HTTP Headers

GET /s950x950/61416d65d1330500bc1e1272/i-right-pic-20220522085931.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 946558
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628a0124-e717e"
last-modified: Sun, 22 May 2022 09:23:48 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:53
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: e68d38434d7edd4858952699bcb88e72
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e88cee157689f8c2677df3c0e5d1639b
2ea474f3b14a6907c990a69c4cd8b2a29eb784d7
223285beeef45acd393676282d4611bc7686f8adf5943c6b21b25c6ce1a5be3d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:36:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 10:04:32 GMT
Expires: Tue, 22 Nov 2022 10:04:31 GMT
Etag: "2ea474f3b14a6907c990a69c4cd8b2a29eb784d7"
Cache-Control: max-age=350281,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bf60f46d37b4fd-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
e88cee157689f8c2677df3c0e5d1639b
2ea474f3b14a6907c990a69c4cd8b2a29eb784d7
223285beeef45acd393676282d4611bc7686f8adf5943c6b21b25c6ce1a5be3d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 08:36:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 10:04:32 GMT
Expires: Tue, 22 Nov 2022 10:04:31 GMT
Etag: "2ea474f3b14a6907c990a69c4cd8b2a29eb784d7"
Cache-Control: max-age=350281,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76bf60f46ad8b523-OSL

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
47080e9bdd6f096f1776e11e656ba4bd
76b4460d9f72cfa468c63cd96557acb19c96a155
9dc37d1a649bf38d4ca1833d9ac8f0567a5a2ee227688a5cda290320301b603d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159140
Date: Fri, 18 Nov 2022 08:36:29 GMT
Etag: "63770380-1d7"
Expires: Sun, 20 Nov 2022 04:48:49 GMT
Last-Modified: Fri, 18 Nov 2022 04:01:04 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3yOyHU3RJioj19d61ZX0d-pVUkJ0jFP0Wx9765iF9meqzRn4WthwhQ==
Age: 2865

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
47080e9bdd6f096f1776e11e656ba4bd
76b4460d9f72cfa468c63cd96557acb19c96a155
9dc37d1a649bf38d4ca1833d9ac8f0567a5a2ee227688a5cda290320301b603d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156544
Date: Fri, 18 Nov 2022 08:36:29 GMT
Etag: "63770380-1d7"
Expires: Sun, 20 Nov 2022 04:05:33 GMT
Last-Modified: Fri, 18 Nov 2022 04:01:04 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7MfcWKzl4hccRs4yo6ar_S5f5RHfnd726r7Sm4Rn3SL2Ep4T1xTWHQ==
Age: 269

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e490b456bba5e1047d76032d798411a7
d68e47ae4dd0811778ccdea690610b28ab28ee6f
abd0e795cd45f910459ff3ee4514841f2c586541d25b9a92cc86738d3aead315

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151501
Date: Fri, 18 Nov 2022 08:36:29 GMT
Etag: "6376d947-1d7"
Expires: Sun, 20 Nov 2022 02:41:30 GMT
Last-Modified: Fri, 18 Nov 2022 01:00:55 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0Kt-OO_2UzdfxZt1waoqeLIevS4vixTNLm_wTvcUdihKIGBxu72Vhg==
Age: 6035

core.vchat.vn/code/tracking.js

42.112.21.2

200 OK

41 kB

URL HTTP/2
core.vchat.vn/code/tracking.js
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
Unicode text, UTF-8 text, with very long lines (740)
Size
41 kB (40838 bytes)
Hash
6fd89afdd10d6e2e6b8f7064d471ed1b
b3692a65b744128f784fe288974c1b48eea04c7a
837f0647359c3d60e5d675a2d360e979b43ed72b343f72c1e8c13bacb9c001b4

HTTP Headers

GET /code/tracking.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:29 GMT
content-type: application/javascript
content-length: 40838
last-modified: Fri, 12 Aug 2022 05:37:34 GMT
etag: "62f5e71e-9f86"
accept-ranges: bytes
X-Firefox-Spdy: h2

static.ladipage.net/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico

52.77.181.136

301 Moved Permanently

134 B

URL HTTP/2
static.ladipage.net/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
IP
52.77.181.136:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /61416d65d1330500bc1e1272/favicon-1-20220525080014.ico HTTP/1.1
Host: static.ladipage.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: text/html
content-length: 134
location: https://w.ladicdn.com:443/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
X-Firefox-Spdy: h2

core.vchat.vn/assets/css/main.css?version=251291

42.112.21.2

200 OK

25 kB

URL HTTP/2
core.vchat.vn/assets/css/main.css?version=251291
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
ASCII text, with very long lines (379)
Size
25 kB (24949 bytes)
Hash
b4d8dbe6f755405ca8c47f7f216c5bac
49d3e4416fe682387ff3e49c693e11bfbc09ab8e
1214b6a3714ff13a3c41c55761b81442cd57ec4413efbb985e0ad8887e01785b

HTTP Headers

GET /assets/css/main.css?version=251291 HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: text/css
content-length: 24949
last-modified: Wed, 07 Sep 2022 03:38:18 GMT
etag: "6318122a-6175"
accept-ranges: bytes
X-Firefox-Spdy: h2

a.ladipage.com/event

175.41.143.252

200 OK

5.1 kB

URL HTTP/2
a.ladipage.com/event
IP
175.41.143.252:0
ASN
#16509 AMAZON-02

File type
data
Size
5.1 kB (5114 bytes)
Hash
bc92a0d9f21aa0348ee3d826d9b58300
1002cacaa64fac589221fab1941f1857cea6065a
06d667b4223838b55ae2a97bfaff70688b0b669c6834ef196a2d91c1f374a074

HTTP Headers

OPTIONS /event HTTP/1.1
Host: a.ladipage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Referer: https://www.taixiu.cc/
Origin: https://www.taixiu.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

core.vchat.vn/assets/js/jquery.js

42.112.21.2

200 OK

93 kB

URL HTTP/2
core.vchat.vn/assets/js/jquery.js
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
Unicode text, UTF-8 text, with very long lines (65481)
Size
93 kB (93434 bytes)
Hash
1d14cd3798bc4d6aaf65dd625870723f
0809f9f5caa2642b9dea8bf59133180bfd7c1d6f
04bebecfb9f7ce92cf947ce283fccf067cf6870f65af3456dd22b6c102447c83

HTTP Headers

GET /assets/js/jquery.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: application/javascript
content-length: 93434
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-16cfa"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22

42.112.21.2

200 OK

230 kB

URL HTTP/2
core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (17912)
Size
230 kB (230338 bytes)
Hash
5c763b17c2ed34de22eb24dd7166e11f
0e00b439b8ece37021e4e76919cbc6f073dc7aee
6893191fb84d75f076c7b7758da41cf1584de069f156c69a9806f5a35c1f06fa

HTTP Headers

GET /service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22 HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
set-cookie: _gta_uni=20221118.134250009.1915876; expires=Thu, 14-Aug-2025 08:36:30 GMT; Max-Age=86400000; path=/; samesite=None; domain=.vchat.vn; secure; HttpOnly
vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30; expires=Sun, 26-Feb-2023 08:36:30 GMT; Max-Age=8640000; path=/; samesite=None; domain=.v3.vn; secure; HttpOnly
vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30; expires=Sun, 26-Feb-2023 08:36:30 GMT; Max-Age=8640000; path=/; samesite=None; domain=.vchat.vn; secure; HttpOnly
cache-control: no-cache, private
date: Fri, 18 Nov 2022 08:36:30 GMT
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-expose-headers: *
access-control-allow-headers: Access-Control-Allow-Headers,Origin,Accept,Content-Type, Authorization, X-Custom-Header, Upgrade-Insecure-Requests, token, X-Requested-With, Application
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 08:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

core.vchat.vn/assets/js/axios.min.js

42.112.21.2

200 OK

14 kB

URL HTTP/2
core.vchat.vn/assets/js/axios.min.js
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
ASCII text, with very long lines (14099)
Size
14 kB (14189 bytes)
Hash
38d761de833dac4e6e929951cc8f1f1c
b6f4033fb28206ea9018e22ab7c77038e7764478
7d950014f08aab41621a1cbcbeb06a9cde95c8bb4c70019e63f79c0193abad50

HTTP Headers

GET /assets/js/axios.min.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: application/javascript
content-length: 14189
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-376d"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/assets/js/main.js?version=251291

42.112.21.2

200 OK

38 kB

URL HTTP/2
core.vchat.vn/assets/js/main.js?version=251291
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
Unicode text, UTF-8 text
Size
38 kB (37646 bytes)
Hash
5aeee45243d28f0e20c1852ecdfa0ff2
8b9ea7cfefc556c8c01fcb24c58ded4c71d1231c
2e57364db5f9a93c3c4cab67a67264cf5006619ae38c62bf018f23c0f851651b

HTTP Headers

GET /assets/js/main.js?version=251291 HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: application/javascript
content-length: 37646
last-modified: Thu, 27 Oct 2022 03:39:00 GMT
etag: "6359fd54-930e"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/assets/image/typing_1.gif

42.112.21.2

200 OK

2.3 kB

URL HTTP/2
core.vchat.vn/assets/image/typing_1.gif
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
GIF image data, version 89a, 48 x 44\012- data
Size
2.3 kB (2272 bytes)
Hash
b6d97a9c479650b33d7016b53a11131b
cc99f6bd91ee88a5ca33e6745deb184cda5580f9
88abc22f59285ea365132ce0cd4e92c50b8cf6b2833de806bc4b5f4f32c2e3e2

HTTP Headers

GET /assets/image/typing_1.gif HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: image/gif
content-length: 2272
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-8e0"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/assets/image/typing.gif

42.112.21.2

200 OK

40 kB

URL HTTP/2
core.vchat.vn/assets/image/typing.gif
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
GIF image data, version 89a, 47 x 22\012- data
Size
40 kB (40271 bytes)
Hash
afd569048af918c2eda6fc054df82c1e
b31953a3155ab5e3bbf7188d61fe4d57fc31fe85
7c68d052273f0b30a08b3316d64698810b594a7765de0b190078f55a0950c509

HTTP Headers

GET /assets/image/typing.gif HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: image/gif
content-length: 40271
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-9d4f"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/assets/image/loading.gif

42.112.21.2

200 OK

4.8 kB

URL HTTP/2
core.vchat.vn/assets/image/loading.gif
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
GIF image data, version 89a, 28 x 28\012- data
Size
4.8 kB (4782 bytes)
Hash
71f0518dad0c74927f3bf3d4a5fb6fb2
dfb7339dcfea2f4d8963066a6773b92501a7c1ba
a07d1cebd390b2820257e108c20a012950126fbe4178a3a10efe3a1b217044ce

HTTP Headers

GET /assets/image/loading.gif HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: image/gif
content-length: 4782
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-12ae"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/assets/js/vue.2.3.js

42.112.21.2

200 OK

255 kB

URL HTTP/2
core.vchat.vn/assets/js/vue.2.3.js
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
ASCII text
Size
255 kB (254793 bytes)
Hash
f3304bbb2d5973eed6b0422a293c58b6
016775168e6a48b61a1009fb9bbf067b9add3dd4
b1ac0fd6c2e471a038610250580b636a16a6806e9bac699a209591858c037e7a

HTTP Headers

GET /assets/js/vue.2.3.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: application/javascript
content-length: 254793
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-3e349"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/code/socket.io.2.3.0.js

42.112.21.2

200 OK

69 kB

URL HTTP/2
core.vchat.vn/code/socket.io.2.3.0.js
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
ASCII text, with very long lines (32094)
Size
69 kB (68692 bytes)
Hash
9d982cf80aa2a6e09d791809e48cd82f
ed5bdb9f91879730e833f6b95f1960afd5a72c37
cc9c49fda0fdb365078fd84798f91fa86a3a93e942137c5f85b058e1f697e102

HTTP Headers

GET /code/socket.io.2.3.0.js HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: application/javascript
content-length: 68692
last-modified: Thu, 31 Mar 2022 19:36:40 GMT
etag: "624602c8-10c54"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/upload/brand/2022/05/14/vc-627f29c552770-1652500933.png

42.112.21.2

200 OK

22 kB

URL HTTP/2
core.vchat.vn/upload/brand/2022/05/14/vc-627f29c552770-1652500933.png
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
PNG image data, 219 x 250, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21576 bytes)
Hash
ce66290d842ae55e0d6b687b2fa733c5
6d131de6cf5a6c85a12bcf6050172b74239bef82
624343ce61246c6ad2228e9f63ec546b1f40441a39c9cdbdca46c86f85cfea1d

HTTP Headers

GET /upload/brand/2022/05/14/vc-627f29c552770-1652500933.png HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/service/chat?code=15049&jwt=569f9758dd2380c4c04e9f90c9ea3c43&key=&ref=https://mygkw.com/&plf=Linux%20x86_64&url=https://www.taixiu.cc/&tit=%F0%9F%8E%96%EF%B8%8F%20NH%C3%80%20C%C3%81I%20UY%20T%C3%8DN%20NH%E1%BA%A4T%202022%20%E2%9C%94%EF%B8%8F%20NHACAISODO.NET&gid=0&gdf=%22%22&fs=%22%22
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:31 GMT
content-type: image/png
content-length: 21576
last-modified: Sat, 14 May 2022 04:02:13 GMT
etag: "627f29c5-5448"
accept-ranges: bytes
X-Firefox-Spdy: h2

core.vchat.vn/upload/eyechat/2022/05/14/vc-627f2b3fa7f50-1652501311.png

42.112.21.2

200 OK

22 kB

URL HTTP/2
core.vchat.vn/upload/eyechat/2022/05/14/vc-627f2b3fa7f50-1652501311.png
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
PNG image data, 219 x 250, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21576 bytes)
Hash
ce66290d842ae55e0d6b687b2fa733c5
6d131de6cf5a6c85a12bcf6050172b74239bef82
624343ce61246c6ad2228e9f63ec546b1f40441a39c9cdbdca46c86f85cfea1d

HTTP Headers

GET /upload/eyechat/2022/05/14/vc-627f2b3fa7f50-1652501311.png HTTP/1.1
Host: core.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:31 GMT
content-type: image/png
content-length: 21576
last-modified: Sat, 14 May 2022 04:08:31 GMT
etag: "627f2b3f-5448"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.vchat.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 18 Nov 2022 06:41:09 GMT
expires: Fri, 18 Nov 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 6922
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B134250009%5D%2C%22checksum%22%3A%22a403497b2cbc31191b4c8f0357da7601%22%2C%22check_id%22%3A%22ab6c159de0940aa10fc6f481676c107d%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OI9uTOZ

42.112.21.2

200 OK

103 B

URL HTTP/2
wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B134250009%5D%2C%22checksum%22%3A%22a403497b2cbc31191b4c8f0357da7601%22%2C%22check_id%22%3A%22ab6c159de0940aa10fc6f481676c107d%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OI9uTOZ
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
d7829a958b79afd5dad6236895cc10e4
167471ba285c0813c69285beeb26677a26d71f6e
e6d25f121f02b5b7e0f9e25a775bff404469b41714705c887fbfb9630ef3e07f

HTTP Headers

GET /socket.io/?data=%7B%22channel%22%3A%5B134250009%5D%2C%22checksum%22%3A%22a403497b2cbc31191b4c8f0357da7601%22%2C%22check_id%22%3A%22ab6c159de0940aa10fc6f481676c107d%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OI9uTOZ HTTP/1.1
Host: wss1.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.vchat.vn
Connection: keep-alive
Referer: https://core.vchat.vn/
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 103
access-control-allow-credentials: true
access-control-allow-origin: https://core.vchat.vn
set-cookie: io=0A3uTaXgQrUHLe1GC9bt; Path=/; HttpOnly; SameSite=Strict
X-Firefox-Spdy: h2

42.112.21.2

200 OK

2 B

URL HTTP/2
wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B134250009%5D%2C%22checksum%22%3A%22a403497b2cbc31191b4c8f0357da7601%22%2C%22check_id%22%3A%22ab6c159de0940aa10fc6f481676c107d%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OI9uTWN&sid=0A3uTaXgQrUHLe1GC9bt
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /socket.io/?data=%7B%22channel%22%3A%5B134250009%5D%2C%22checksum%22%3A%22a403497b2cbc31191b4c8f0357da7601%22%2C%22check_id%22%3A%22ab6c159de0940aa10fc6f481676c107d%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=polling&t=OI9uTWN&sid=0A3uTaXgQrUHLe1GC9bt HTTP/1.1
Host: wss1.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 164
Origin: https://core.vchat.vn
Connection: keep-alive
Referer: https://core.vchat.vn/
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Fri, 18 Nov 2022 08:36:32 GMT
content-type: text/html
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: https://core.vchat.vn
set-cookie: io=0A3uTaXgQrUHLe1GC9bt; Path=/; HttpOnly; SameSite=Strict
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7045 bytes)
Hash
e5fb6d72b647aabea33ab4017f4a0847
ed93ac946111340a254b92f8ce27e8be93ae87e8
0782ed4ffaea8f9487461d5a9b0c241d30dfe057676753b24e180d0a94efad99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7045
x-amzn-requestid: e8dace8b-0cc8-4ea0-b47a-e42a66576f72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K3EuCIAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-71c191e462be52006858817b;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S0Sq8vuP-MbcuYVx_WFXTkmrY966mBTY1Qpowx_E_to1tDk1b8R-Bw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:11 GMT
age: 38661
etag: "ed93ac946111340a254b92f8ce27e8be93ae87e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

42.112.21.2

101 Switching Protocols

0 B

URL HTTP/1.1
wss1.vchat.vn/socket.io/?data=%7B%22channel%22%3A%5B134250009%5D%2C%22checksum%22%3A%22a403497b2cbc31191b4c8f0357da7601%22%2C%22check_id%22%3A%22ab6c159de0940aa10fc6f481676c107d%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=websocket&sid=0A3uTaXgQrUHLe1GC9bt
IP
42.112.21.2:0
ASN
#18403 FPT Telecom Company

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket.io/?data=%7B%22channel%22%3A%5B134250009%5D%2C%22checksum%22%3A%22a403497b2cbc31191b4c8f0357da7601%22%2C%22check_id%22%3A%22ab6c159de0940aa10fc6f481676c107d%22%2C%22data%22%3A%22%22%7D&EIO=3&transport=websocket&sid=0A3uTaXgQrUHLe1GC9bt HTTP/1.1
Host: wss1.vchat.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://core.vchat.vn
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YUPpFBtFho2ylN32CO9BSQ==
Connection: keep-alive, Upgrade
Cookie: _gta_uni=20221118.134250009.1915876; vnp_guest_15049_134250009=2022-11-18+15%3A36%3A30
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx/1.21.6
Date: Fri, 18 Nov 2022 08:36:32 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f4TGJDLS9m060GwyhruZb6il18k=

www.taixiu.cc/

18.138.206.213

200 OK

0 B

URL HTTP/2
www.taixiu.cc/
IP
18.138.206.213:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.taixiu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mygkw.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: openresty
date: Fri, 18 Nov 2022 08:36:27 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
set-cookie: LADI_DNS_CHECK="2022-11-18 08:36:27.833130339 +0000 UTC m=+1387777.714797771"; Expires=Mon, 15 Nov 2032 08:36:27 GMT
LADI_CLIENT_ID=ca2087f5-7816-482f-5937-08ef75f16ecf; Expires=Mon, 15 Nov 2032 08:36:27 GMT
LADI_PAGE_VIEW=0; Expires=Mon, 15 Nov 2032 08:36:27 GMT
LADI_FORM_SUBMIT=0; Expires=Mon, 15 Nov 2032 08:36:27 GMT
LADI_PAGE_VIEW=1; Expires=Mon, 15 Nov 2032 08:36:27 GMT
LADI_CAMP_ID=; Max-Age=0
LADI_CAMP_NAME=; Max-Age=0
LADI_CAMP_TYPE=; Max-Age=0
LADI_CAMP_ORIGIN_URL=; Max-Age=0
LADI_CAMP_TARGET_URL=; Max-Age=0
LADI_CAMP_PAGE_VIEW=; Max-Age=0
LADI_CAMP_FORM_SUBMIT=; Max-Age=0
LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0
LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0
LADI_CAMP_CONFIG=; Max-Age=0
LADI_CAMP_END_DATE=; Max-Age=0
LADI_FUNNEL_NEXT_URL=; Max-Age=0
LADI_FUNNEL_PREV_URL=; Max-Age=0
statuscode: 200
content-encoding: gzip
X-Firefox-Spdy: h2

w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661321691911

138.199.37.231

200 OK

0 B

URL HTTP/2
w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1661321691911
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/source/ladipage.vi.min.js?v=1661321691911 HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: text/javascript
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"632659ea-539ab"
last-modified: Sat, 17 Sep 2022 23:36:10 GMT
cdn-storageserver: NY-426
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/11/2022 02:44:49
cdn-edgestorageid: 1048
cdn-status: 200
cdn-requestid: 7199a926d93540a2a3d04dd511a4ecc9
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.ladipage.com/event

175.41.143.252

200 OK

0 B

URL HTTP/2
a.ladipage.com/event
IP
175.41.143.252:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /event HTTP/1.1
Host: a.ladipage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
LADI_CLIENT_ID: ca2087f5-7816-482f-5937-08ef75f16ecf
LADI_PAGE_VIEW: 1
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID: 
LADI_CAMP_NAME: 
LADI_CAMP_TYPE: 
LADI_CAMP_TARGET_URL: 
LADI_CAMP_ORIGIN_URL: 
LADI_CAMP_PAGE_VIEW: 0
LADI_CAMP_FORM_SUBMIT: 0
Content-Length: 212
Origin: https://www.taixiu.cc
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: text/plain; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-max-age: 2592000
X-Firefox-Spdy: h2

w.ladicdn.com/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico

138.199.37.231

200 OK

0 B

URL HTTP/2
w.ladicdn.com/61416d65d1330500bc1e1272/favicon-1-20220525080014.ico
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /61416d65d1330500bc1e1272/favicon-1-20220525080014.ico HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.taixiu.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:30 GMT
content-type: image/x-icon
vary: Accept-Encoding
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"628de211-423e"
last-modified: Wed, 25 May 2022 08:00:17 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 353
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 08:36:30
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 068e66f432fd9d2b5e5e4d172c268c79
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2

mygkw.com/

104.21.62.131

404 Not Found

0 B

URL HTTP/2
mygkw.com/
IP
104.21.62.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: mygkw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
date: Fri, 18 Nov 2022 08:36:24 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FEkQE5n5hKkxAOm%2FXplj7%2BVDQpGj3aW4t6okWhB7VHecIRYQLn9OXu7N7Dd06YZo1o%2BJ5kVKLMbCOLLbs4q5mnbfl3kp%2F6Wih4qIwSjg8MWvb73w7U3RMve7tE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76bf60d15a49b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/b9ffec264b939c9a-20220517100602.png

138.199.37.231

200 OK

0 B

URL HTTP/2
w.ladicdn.com/s950x800/61416d65d1330500bc1e1272/b9ffec264b939c9a-20220517100602.png
IP
138.199.37.231:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s950x800/61416d65d1330500bc1e1272/b9ffec264b939c9a-20220517100602.png HTTP/1.1
Host: w.ladicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.taixiu.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 08:36:28 GMT
content-type: image/png
content-length: 364370
server: BunnyCDN-DE-863
cdn-pullzone: 575124
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "628b4e7c-58f52"
last-modified: Mon, 23 May 2022 09:06:04 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 03:31:54
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 8e856ee6933d554198e555d723b67d3e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations