r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 035772439731bbe3992c865f68e4b977
53fe2d0f678772b6b3e935aaca4d1ef82767e48f
9880ae6537e30af38e8d7ed612a5a44a54037d86686c63ef7eeebcc62cbda05f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9880AE6537E30AF38E8D7ED612A5A44A54037D86686C63EF7EEEBCC62CBDA05F"
Last-Modified: Sat, 01 Apr 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8466
Expires: Sat, 01 Apr 2023 20:40:12 GMT
Date: Sat, 01 Apr 2023 18:19:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b3c6ad41618caef9613685a8f786def7
ce6e1256460e0d28da63f797e14a77c1477d0779
ce87c093a66e4a2adfba7794f5db0428a0986b7e74690b773cbd7708ccca3f0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE87C093A66E4A2ADFBA7794F5DB0428A0986B7E74690B773CBD7708CCCA3F0E"
Last-Modified: Sat, 01 Apr 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3918
Expires: Sat, 01 Apr 2023 19:24:24 GMT
Date: Sat, 01 Apr 2023 18:19:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10396
Expires: Sat, 01 Apr 2023 21:12:22 GMT
Date: Sat, 01 Apr 2023 18:19:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 01 Apr 2023 18:16:17 GMT
content-type: application/json
age: 169
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7B1DAXzEjS+PfzN8q0mGXjQ3l5WWdI1XCK6uO2V8gSJ7p9gD+EDqBQpLtgJq6e9Y3yHlNpRt/4gVzL4QM//HqQ==
x-amz-request-id: SMF9PJ8VGP7WCGKZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Apr 2023 18:03:50 GMT
age: 916
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Apr 2023 18:19:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f89764b5529b0921337bd77a61e1e56a
9306a0bd5335fc1d8fa08780164b26560f1cb8d3
e0f499802da95da189595b16aceb1984eece3fbf88f7494d3290fbec4df5b4eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0F499802DA95DA189595B16ACEB1984EECE3FBF88F7494D3290FBEC4DF5B4EB"
Last-Modified: Fri, 31 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3292
Expires: Sat, 01 Apr 2023 19:13:59 GMT
Date: Sat, 01 Apr 2023 18:19:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Pragma, Backoff, Expires, Last-Modified, Content-Type, Alert, Retry-After, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 01 Apr 2023 18:17:27 GMT
age: 100
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
meta88.com/
18.138.91.122301 Moved Permanently 178 B IP 18.138.91.122:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 01 Apr 2023 18:19:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.meta88.com/
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2/dw6PcZ2SmWXlSUKjTS0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Btn3fFhipp7smULKfgEVJj04624=
Date: Sat, 01 Apr 2023 18:19:07 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.meta88.com/
104.18.15.215301 Moved Permanently 0 B IP 104.18.15.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 01 Apr 2023 18:19:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 01 Apr 2023 19:19:07 GMT
Location: https://www.meta88.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b12d6abe83cb517-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2239
Expires: Sat, 01 Apr 2023 18:56:27 GMT
Date: Sat, 01 Apr 2023 18:19:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2239
Expires: Sat, 01 Apr 2023 18:56:27 GMT
Date: Sat, 01 Apr 2023 18:19:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2239
Expires: Sat, 01 Apr 2023 18:56:27 GMT
Date: Sat, 01 Apr 2023 18:19:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2239
Expires: Sat, 01 Apr 2023 18:56:27 GMT
Date: Sat, 01 Apr 2023 18:19:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ff1d01e68831d80a4f75d7db3970972
1a9e1f3fa7389cccb0e91cff2616767e1616113e
fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24"
Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2239
Expires: Sat, 01 Apr 2023 18:56:27 GMT
Date: Sat, 01 Apr 2023 18:19:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F808d12ec-c97a-4c49-976e-6025ea897112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: 5d5a94f5-db2f-4c4c-9c9f-08c14b0ccd80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7NG2NIAMF-sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751e1-57c957f442c42fe148e66831;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: KkjS04mCLqFET4v9-sePYK-zcztrds608GECT1Fxz3BEpslgxnpLOg==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:37:17 GMT
age: 74511
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddcef2c96778d9fdee670e187a43ab32
e8c98891a1ffdbb6d30cf8746e067d56fe65d964
4e6fb506079b1daab0b1913a31c6252452f133af9276e18d25fe6fb622ce54ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3800
x-amzn-requestid: a182fb32-649a-4228-a591-080aae8c053a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VEY2oAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-3a1abb584aa61a954dbd52c1;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ycsh7rNJt9blXZVpFbbdBDu5pZbGDfGIPLt5k0Ff9-fvWTX86Ndz6A==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:45:01 GMT
age: 74047
etag: "e8c98891a1ffdbb6d30cf8746e067d56fe65d964"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: wlc65ytdELa_faMSddEDHZNsbtF1_CgMOho3W3BvkaOSrFyAkKUagg==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Apr 2023 10:47:01 GMT
age: 27127
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8939ac-5249-469a-92a8-f7d39e16fd0c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8939ac-5249-469a-92a8-f7d39e16fd0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9725cb9ee354d9c9ca233288e3621ed
5e1ca2a4695fa9e4e6e69b5a5cb05c8ce43244fb
c03a0ed04efe13a15b6a0a05848473de9f5196c26096579b99475b22df2a7c4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8939ac-5249-469a-92a8-f7d39e16fd0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10248
x-amzn-requestid: c53c08eb-adf7-447d-b303-759b6419a2bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ClU6GHD4oAMFcww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6425350d-7a6494c770dd83f17e839234;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 07:06:53 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vsKa0V3GQ0TBNplDEFb92JAIcP_pE4kf5XEUjULdrBnecmnEheEwRQ==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Apr 2023 07:16:44 GMT
age: 39744
etag: "5e1ca2a4695fa9e4e6e69b5a5cb05c8ce43244fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c193cd4520e8ee5d17cd1f3faadc1c73
b46effcb93e0ad066474ec1f67bcd54020615caf
bc824341b884278e7e69ae3bb87484ad914e5909544959ebc8f8661a545cb929
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24171d10-56ac-40e7-9d10-77b9e948da6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10128
x-amzn-requestid: bdd46a1d-4b43-4450-be32-3e3947d2fcd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm9VELdIAMFmmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751ee-346e92d143f6fcf46db741c8;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jidQVHgb6EK_fyGj4wYgdWEBeth8CIB5szPrwrgmirz4Q9tSYpRrsw==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 21:47:06 GMT
age: 73922
etag: "b46effcb93e0ad066474ec1f67bcd54020615caf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb930830ac86ec8ace6a232f67810ba
d084bf4331446c35236019010b2bcf82d45dad1c
bb81782bf590d601110ec8fb891f701e0f5084bda46370d30345bd81403a33ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5830
x-amzn-requestid: 0897bf26-6156-48d3-ba67-596cc326dddc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CqnHHG0JoAMF87w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6427522d-6f380d901d9d6b737ec19d6d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: UfN2iRmDUhddBZW6qGy3q2-HCqb6Kx3iDENnirUkIoCJ6BW6zdWVtw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:44:32 GMT
etag: "d084bf4331446c35236019010b2bcf82d45dad1c"
content-type: image/jpeg
age: 70476
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.meta88.com/assets/styles/images/sprites2.png
104.18.14.215200 OK 6.0 kB URL HTTP/2 www.meta88.com/assets/styles/images/sprites2.png
IP 104.18.14.215:0
File type PNG image data, 115 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 086f86511b0813d1d729762d4abd4240
d5dc9fccead81ab85acd0d770bf39bd8b2c7f0a0
c79966b969c421b3c2ce86193262adaddf406717f7899a071204bc62975b2a57
GET /assets/styles/images/sprites2.png HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:09 GMT
content-type: image/png
content-length: 5981
etag: "1d9637e198f78dd"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12d6b498ff1c12-OSL
X-Firefox-Spdy: h2
www.meta88.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
104.18.14.215200 OK 217 kB URL HTTP/2 www.meta88.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
IP 104.18.14.215:0
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans\012- data
Size 217 kB (217360 bytes)
Hash 629a55a7e793da068dc580d184cc0e31
3564ed0b5363df5cf277c16e0c6bedc5a682217f
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:09 GMT
content-type: application/x-font-ttf
content-length: 217360
etag: "1d9637e198c3e90"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12d6b4a9141c12-OSL
X-Firefox-Spdy: h2
www.meta88.com/assets/styles/images/mode/y9.svg
104.18.14.215200 OK 613 B URL HTTP/2 www.meta88.com/assets/styles/images/mode/y9.svg
IP 104.18.14.215:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (541), with CRLF, LF line terminators
Hash 4aef7e87c6a942b8e3d51a1344e98e8f
8ffb931cd7ea89527111e248f1983694e7fd6c6d
9fafb856865fd94f01d0e3963c4cbf6f764c0da249e9fb72578974c12bdd9f6b
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/images/mode/y9.svg HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:09 GMT
content-type: image/svg+xml
etag: W/"1d9637e198f6d05"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12d6b498fd1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d94448cc9a73733577df85ea6101f1f
77a4bc61a6540ac9497c41873042f3ac86bc8ea4
69c26e4c2df1d1787b2339cfa3fa2b58ab7a58450895d84a7bc27121cc1968a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69C26E4C2DF1D1787B2339CFA3FA2B58AB7A58450895D84A7BC27121CC1968A5"
Last-Modified: Sat, 01 Apr 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 02 Apr 2023 00:19:11 GMT
Date: Sat, 01 Apr 2023 18:19:11 GMT
Connection: keep-alive
www.meta88.com/assets/bundles/bootstrap-ex.min.css?v=A9OHv9yg4Do4tZEMxk-knRG-Juc
104.18.14.215200 OK 52 kB URL HTTP/2 www.meta88.com/assets/bundles/bootstrap-ex.min.css?v=A9OHv9yg4Do4tZEMxk-knRG-Juc
IP 104.18.14.215:0
Hash 94d8d4ed2c99f7a20b32c1fc6684f1b4
95c2b269cc77e6638aa8a96b544b6fa5d678b277
e1e2a259a95e7d68d3e70de2bbe4e3b84d6d65e12a98842be3af5cb4e1e7fce1
GET /assets/bundles/bootstrap-ex.min.css?v=A9OHv9yg4Do4tZEMxk-knRG-Juc HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:08 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"7PM-DsanC4COF-HSJEgz4xcDQKo"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b12d6b03b201c12-OSL
X-Firefox-Spdy: h2
sc.saceted.com/di/hc.html
216.137.44.74200 OK 205 B URL HTTP/2 sc.saceted.com/di/hc.html
IP 216.137.44.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.saceted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meta88.com/
Origin: https://www.meta88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Sat, 01 Apr 2023 18:19:11 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 dc934eeca08c60e0878cc8271c2e7428.cloudfront.net (CloudFront)
x-mly-id: 8f0a88091aeac687c5a824c512cf54eb
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: ncPJ9hW98nUt8t3zkGLhdJP7wTGcWEN--Sj9lVe9odXbi6acUxBzkw==
X-Firefox-Spdy: h2
sc.casemed.net/di/hc.html
18.244.114.12200 OK 205 B URL HTTP/2 sc.casemed.net/di/hc.html
IP 18.244.114.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.casemed.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.meta88.com/
Origin: https://www.meta88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Sat, 01 Apr 2023 18:19:11 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 0793cf4372c8a2296978310c06fb0bde.cloudfront.net (CloudFront)
x-mly-id: 9290c80cd9eeed44101bbb260f6630d7
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR50-P6
x-amz-cf-id: xPfEy2r-buNOvN9Rj3BrMdQtYn7pugcg5mzrklZgL1962DN-42mZiw==
X-Firefox-Spdy: h2
sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsOZwrLDtcOLwqnDi8Kcw5LCrMKiwqbDmcOdMsKBw6TDocKBw5Y1wpMedntOworCuiTCrsKXwpjDjUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCsxpJLEHClCbDj2djJcOQw44Dw5bDnW%2FDisK7Zko9MsOYw53DkDPDjsOkw6xTwovCigdgXMKIJXExJUAecSnDlBNJwpMRRMOwK20Kw6vCkRt1GMKCw7XDlcOxwoFnw582FS1Fwooaw7A9wqJZwo%2FCtMKJwrxeFBbCnzPCmg7DpD1Jd8Ksw7wAwobDusOrdENbwqUbDT5Cw5Blw7Ufw7wPwrHDlCc0wrgjHXrCgMOXbMKFwqwqw45bPjgJEMO%2Bw4Yjwp%2FCsh8Fw7ggw4g2w7DCvVbDrMKqEMO%2Bwr%2FDrsKbwqbClMOIw74SQC0DBsKHbE5IwpIVwqHDlEw1wo%2FDq2EQbUbCqMOLWsO4w7I6wo%2FDqRtYIGM1wpnCtDPCkULCnRFxwqDCrVvDiMO9w7hySRojCcKRCMO4F8K8w7Y6dMKyA1jCjcKyISfClRcncMOPS8KRwqU%2FMgjCh2Ujw73ChsORPkZewpZUw7MxA8KXw5kDB1ttw5hIw64fSsOMcGkBwonDg3HDqF0DwqnCjMKvfAnCnWoMQ8ODOW9bDsOewo1ywqfCiMO1w7zCt8OxwqPCssKHMB1WSFzCvsKPLUwtwqTCmsOdwq1CdcOXwq0GwqNVYcO%2Fw7vCkibDvzHCsXcSf3zCngvDscOjQMK6cW%2FDisKTwooIclTCgMO1w4vCokzDhcO3E0YwwosfwrrDog%3D%3D&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D
13.224.132.37200 OK 104 B URL HTTP/2 sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsOZwrLDtcOLwqnDi8Kcw5LCrMKiwqbDmcOdMsKBw6TDocKBw5Y1wpMedntOworCuiTCrsKXwpjDjUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCsxpJLEHClCbDj2djJcOQw44Dw5bDnW%2FDisK7Zko9MsOYw53DkDPDjsOkw6xTwovCigdgXMKIJXExJUAecSnDlBNJwpMRRMOwK20Kw6vCkRt1GMKCw7XDlcOxwoFnw582FS1Fwooaw7A9wqJZwo%2FCtMKJwrxeFBbCnzPCmg7DpD1Jd8Ksw7wAwobDusOrdENbwqUbDT5Cw5Blw7Ufw7wPwrHDlCc0wrgjHXrCgMOXbMKFwqwqw45bPjgJEMO%2Bw4Yjwp%2FCsh8Fw7ggw4g2w7DCvVbDrMKqEMO%2Bwr%2FDrsKbwqbClMOIw74SQC0DBsKHbE5IwpIVwqHDlEw1wo%2FDq2EQbUbCqMOLWsO4w7I6wo%2FDqRtYIGM1wpnCtDPCkULCnRFxwqDCrVvDiMO9w7hySRojCcKRCMO4F8K8w7Y6dMKyA1jCjcKyISfClRcncMOPS8KRwqU%2FMgjCh2Ujw73ChsORPkZewpZUw7MxA8KXw5kDB1ttw5hIw64fSsOMcGkBwonDg3HDqF0DwqnCjMKvfAnCnWoMQ8ODOW9bDsOewo1ywqfCiMO1w7zCt8OxwqPCssKHMB1WSFzCvsKPLUwtwqTCmsOdwq1CdcOXwq0GwqNVYcO%2Fw7vCkibDvzHCsXcSf3zCngvDscOjQMK6cW%2FDisKTwooIclTCgMO1w4vCokzDhcO3E0YwwosfwrrDog%3D%3D&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D
IP 13.224.132.37:0
File type ASCII text, with no line terminators
Hash 484ec1de3c79db6712f9276ecc1760a2
f6d5bc8df4d1c482927927054549cbaaaebb2a13
fe6a473a1c8e45cb343759058f28527e17c3e9d2b77af928b4cf0082f8fcf8da
GET /di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsOZwrLDtcOLwqnDi8Kcw5LCrMKiwqbDmcOdMsKBw6TDocKBw5Y1wpMedntOworCuiTCrsKXwpjDjUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCsxpJLEHClCbDj2djJcOQw44Dw5bDnW%2FDisK7Zko9MsOYw53DkDPDjsOkw6xTwovCigdgXMKIJXExJUAecSnDlBNJwpMRRMOwK20Kw6vCkRt1GMKCw7XDlcOxwoFnw582FS1Fwooaw7A9wqJZwo%2FCtMKJwrxeFBbCnzPCmg7DpD1Jd8Ksw7wAwobDusOrdENbwqUbDT5Cw5Blw7Ufw7wPwrHDlCc0wrgjHXrCgMOXbMKFwqwqw45bPjgJEMO%2Bw4Yjwp%2FCsh8Fw7ggw4g2w7DCvVbDrMKqEMO%2Bwr%2FDrsKbwqbClMOIw74SQC0DBsKHbE5IwpIVwqHDlEw1wo%2FDq2EQbUbCqMOLWsO4w7I6wo%2FDqRtYIGM1wpnCtDPCkULCnRFxwqDCrVvDiMO9w7hySRojCcKRCMO4F8K8w7Y6dMKyA1jCjcKyISfClRcncMOPS8KRwqU%2FMgjCh2Ujw73ChsORPkZewpZUw7MxA8KXw5kDB1ttw5hIw64fSsOMcGkBwonDg3HDqF0DwqnCjMKvfAnCnWoMQ8ODOW9bDsOewo1ywqfCiMO1w7zCt8OxwqPCssKHMB1WSFzCvsKPLUwtwqTCmsOdwq1CdcOXwq0GwqNVYcO%2Fw7vCkibDvzHCsXcSf3zCngvDscOjQMK6cW%2FDisKTwooIclTCgMO1w4vCokzDhcO3E0YwwosfwrrDog%3D%3D&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 104
server: nginx
date: Sat, 01 Apr 2023 18:19:13 GMT
cache-control: private, max-age=2592000
last-modified: Fri, 07 May 2021 09:43:21 GMT
etag: 453c52cafc5f65c0e397d660cbc24bfd2712a3adf593ea699756b67d5c60da1b
set-cookie: SameSite=None; Secure
(global.c3)=453c52cafc5f65c0e397d660cbc24bfd2712a3adf593ea699756b67d5c60da1b; expires=Fri, 01-Apr-2033 18:19:13 GMT; path=/
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 0b087ba0ae8ddae6c31ec71886481982.cloudfront.net (CloudFront)
x-mly-id: db112d54b38938f1f4a68960765e489f
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: 5EXC_FHO8Cx6Dk4MNRBU1wDVrGEkX9RC6nbEieFFM5ISc2AM_mMqhw==
X-Firefox-Spdy: h2
sc.detecas.com/di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0de3b865c2e4f1f820211c2ddde04153
13.224.132.37200 OK 7 B URL HTTP/2 sc.detecas.com/di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0de3b865c2e4f1f820211c2ddde04153
IP 13.224.132.37:0
File type ASCII text, with no line terminators
Hash 7682d345add5f360f96f3c8f359ca5c7
88a383fa691f59a0769abf154b8015a6274c0055
8397912ada2760dca34d1adb644cf54fc5c8d05d0ad56b4a6f99096b03ac8431
POST /di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0de3b865c2e4f1f820211c2ddde04153 HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1339
Origin: https://www.meta88.com
Connection: keep-alive
Referer: https://www.meta88.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 7
server: nginx
date: Sat, 01 Apr 2023 18:19:14 GMT
cache-control: private, max-age=2592000
last-modified: Fri, 07 May 2021 09:43:21 GMT
etag: 0de3b865c2e4f1f820211c2ddde04153
set-cookie: SameSite=None; Secure
(version.c3)=0de3b865c2e4f1f820211c2ddde04153; expires=Mon, 01-May-2023 18:19:14 GMT; path=/
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 0b087ba0ae8ddae6c31ec71886481982.cloudfront.net (CloudFront)
x-mly-id: a4268f55f6ba0e7829bc4abd8bdc7e56
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: tAD9Ng_TjexqCxX_M4smQpNh3D0dhu6nR8wz8m29vXgC_p3tFKDvjA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7a1cb3f6466e8edda3a9812c683f298
2e0415c7cbceef918add7de96c1f35393b499d49
43fdd189ffa0b3323cea6113bc4b8f4a55baf4acd869a79f5b1bf988dd82620f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5464d27-4a65-4ce5-81dc-c2d73690f9ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9166
x-amzn-requestid: e6475900-b87a-4e72-8196-42fd6589cfc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cqm7BFw-oAMF-sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642751df-519756f52943cf855b4e0bf7;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: vnxCcZzVTM1zw9mRBX4PmoE_eQTgWWTPZM-hhijOiWYRjnyf-8hhjg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 22:00:03 GMT
age: 73152
etag: "2e0415c7cbceef918add7de96c1f35393b499d49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.meta88.com/
104.18.14.215200 OK 0 B IP 104.18.14.215:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:08 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache,no-store
expires: -1
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
set-cookie: __utms=ACD81CBA85294779AF869B77E4D586; expires=Sun, 02 Apr 2023 18:19:07 GMT; domain=www.meta88.com; path=/; httponly
.AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; path=/; samesite=strict; httponly
.AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL; path=/; samesite=lax; httponly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b12d6ac2e231c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.meta88.com/assets/bundles/alpha.slider-captcha.css?v=2j9ergGXsmAi7zHzcasoWP4lzk8
104.18.14.215200 OK 0 B URL HTTP/2 www.meta88.com/assets/bundles/alpha.slider-captcha.css?v=2j9ergGXsmAi7zHzcasoWP4lzk8
IP 104.18.14.215:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/bundles/alpha.slider-captcha.css?v=2j9ergGXsmAi7zHzcasoWP4lzk8 HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:08 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"2j9ergGXsmAi7zHzcasoWP4lzk8"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b12d6b03b2b1c12-OSL
X-Firefox-Spdy: h2
www.meta88.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
104.18.14.215200 OK 0 B URL HTTP/2 www.meta88.com/assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k
IP 104.18.14.215:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/bundles/themes/default.min.css?v=aLpigf5SDzKO_s6iMJWann6NT6k HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:08 GMT
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"aLpigf5SDzKO_s6iMJWann6NT6k"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b12d6b03b261c12-OSL
X-Firefox-Spdy: h2
sc.detecas.com/di/activator.ashx
13.224.132.37200 OK 0 B URL HTTP/2 sc.detecas.com/di/activator.ashx
IP 13.224.132.37:0
GET /di/activator.ashx HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
date: Sat, 01 Apr 2023 18:19:11 GMT
cache-control: private, max-age=600
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
timing-allow-origin: *
via: mly, 1.1 0b087ba0ae8ddae6c31ec71886481982.cloudfront.net (CloudFront)
x-mly-id: f544f86e9b58f94ac3e852cdce82c955
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: whI1ZaxovLnmxg2EtjJn3I7LltC3Dthtimfk93X-DnfuKpDT40Y2LA==
X-Firefox-Spdy: h2
www.meta88.com/assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640
104.18.14.215200 OK 0 B URL HTTP/2 www.meta88.com/assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640
IP 104.18.14.215:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/bundles/fps.js?v=5vBF7QsZhkjzfmvu0AMbv2w2640 HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:09 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"5vBF7QsZhkjzfmvu0AMbv2w2640"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b12d6b03b311c12-OSL
X-Firefox-Spdy: h2
www.meta88.com/favicon.ico
104.18.14.215200 OK 0 B URL HTTP/2 www.meta88.com/favicon.ico
IP 104.18.14.215:0
GET /favicon.ico HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL; hidLanguage=en-US; LANGUAGE=en-US
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:12 GMT
content-type: image/x-icon
etag: W/"1d9637e34fa7efe"
last-modified: Fri, 31 Mar 2023 03:09:29 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b12d6c028291c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.meta88.com/assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI
104.18.14.215200 OK 0 B URL HTTP/2 www.meta88.com/assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI
IP 104.18.14.215:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/bundles/login.min.js?v=UNxL6IYV3VXJ2C_tpnkSWUkojUI HTTP/1.1
Host: www.meta88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.meta88.com/
Cookie: __utms=ACD81CBA85294779AF869B77E4D586; .AspNetCore.Antiforgery.WDFpV_iIKZQ=CfDJ8By69Ukru-hPigpz_UzW9QC7nvXBRViuCfZqI7pEFQZsY8592FO_dehmfi2sewZAL4FkYGyMOQ0eHBBb6fxqGzfUFIMB1J2Nqd4dGooqQnOO1smgZR1G1XntOBbL80Isps1c2FEOgFMbQ4aVoJxTPPU; .AspNetCore.Session=CfDJ8By69Ukru%2BhPigpz%2FUzW9QCaosIywZl5U5a3Dz%2FDYvad%2Bfwhg%2BPuWWPKRfAGd7B81Shj0gTRae%2Bp7tTjFQI2ayr3TF6NRKkAwv1g1IyUVu6eYADnrDNDP2HNwO%2B6PnXHr3o7iMDTb0hptVuk1F6E5%2BdM%2Fpfloomp8%2FV%2BtNUARtqL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:09 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000,immutable
etag: W/"UNxL6IYV3VXJ2C_tpnkSWUkojUI"
last-modified: Fri, 31 Mar 2023 03:08:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b12d6b03b2d1c12-OSL
X-Firefox-Spdy: h2
stcdn.b8ag.com/bundles/common/hc.css?v=1680373147552
104.18.15.215200 OK 0 B URL HTTP/2 stcdn.b8ag.com/bundles/common/hc.css?v=1680373147552
IP 104.18.15.215:0
GET /bundles/common/hc.css?v=1680373147552 HTTP/1.1
Host: stcdn.b8ag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.meta88.com
Connection: keep-alive
Referer: https://www.meta88.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:10 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 08:17:47 GMT
etag: W/"6409962b-6"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b12d6bb9f460b06-OSL
X-Firefox-Spdy: h2
stcdn.agbong88.com/bundles/common/hc.css?v=1680373147554
104.18.15.215200 OK 0 B URL HTTP/2 stcdn.agbong88.com/bundles/common/hc.css?v=1680373147554
IP 104.18.15.215:0
GET /bundles/common/hc.css?v=1680373147554 HTTP/1.1
Host: stcdn.agbong88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.meta88.com
Connection: keep-alive
Referer: https://www.meta88.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Apr 2023 18:19:10 GMT
content-type: text/css
last-modified: Thu, 09 Mar 2023 08:17:47 GMT
etag: W/"6409962b-6"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7b12d6bb9eaf0b69-OSL
X-Firefox-Spdy: h2