Report - nmpy5.hcm660.com/

Report Overview

Visited public
2025-05-09 01:30:52
Tags
URL
nmpy5.hcm660.com/
Finishing URL
ntk16.hcm660.com/
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Title
HCM66 Welcome

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.hcm2244.com	unknown	2022-12-09	2025-03-19	2025-05-08	441 B	537 B	104.18.24.129
hcm66gcdn.hcm2211.com	unknown	2024-07-10	2024-10-18	2025-05-08	447 B	0 B	0.0.0.0
hcm66awscdn.hcm2222.com	unknown	2022-12-09	2024-10-18	2025-05-08	2.7 kB	2.6 kB	3.167.2.12
hcm66awscdn.hcm2233.com	unknown	2022-12-09	2024-10-18	2025-05-08	449 B	627 B	3.167.2.74
ntk16.hcm660.com	unknown	2023-01-11	2025-05-09	2025-05-09	7.1 kB	70 kB	104.21.96.1
o566mch.hcm665.com	unknown	2023-01-11	2025-05-08	2025-05-08	32 kB	543 kB	104.18.24.129
nmpy5.hcm660.com	unknown	2023-01-11	2025-05-09	2025-05-09	485 B	7.9 kB	104.21.96.1
w2.4hxn3e.shop	unknown	2024-07-30	2024-12-12	2025-05-08	27 kB	5.3 MB	34.144.193.180
cdntoos.hcm2233.com	unknown	2022-12-09	2024-10-18	2025-05-08	15 kB	1.7 MB	3.167.2.113
hcm66cfcdn.hcm2200.com	unknown	2024-07-10	2024-10-18	2025-05-08	448 B	537 B	104.18.24.129
hcm66cfcdn.hcm2244.com	unknown	2022-12-09	2024-10-18	2025-05-08	448 B	537 B	104.18.24.129
cdntoos.hcm2222.com	unknown	2022-12-09	2024-10-18	2025-05-08	455 B	984 B	54.240.174.8
cdntoos.hcm2211.com	unknown	2024-07-10	2024-10-18	2025-05-08	968 B	0 B	0.0.0.0
hcm2244.com	unknown	2022-12-09	2025-03-20	2025-05-08	9.4 kB	7.0 kB	104.18.25.129
p0gceg-285-ppp.oss-accelerate.aliyuncs.com	unknown	2012-04-01	2023-08-03	2025-05-08	1.0 kB	42 kB	47.254.187.197
cdntoos.hcm2255.com	unknown	2022-12-09	2024-12-12	2025-05-08	968 B	1.8 kB	13.107.246.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-09 01:30:37	low	Client IP	47.254.187.197	ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)
2025-05-09 01:30:40	low	Client IP	47.254.187.197	ET INFO Observed Alibaba Cloud CDN Domain (aliyuncs .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (95)

	URL	From	Size	First Seen	Last Seen
	w2.4hxn3e.shop/	Function	155 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1566 Hash 11a3ef28ed9f53cd67446008e40169b9 d39862894b62747f3b336f76ba77b1bf209c18d8 a79e695feb3aae218e6af4a076e1eecad69da57195a3e24ad1f1e86f414dd018 Loading...

	w2.4hxn3e.shop/assets/theme-1/ListedRewardsIndex.BUxPQ_dU.js	ImportedModule	457 B	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/ListedRewardsIndex.BUxPQ_dU.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen83 Hash 953affb9fcaf511082d079c45d22f214 9664e9b57479d631507c8524c877bb6f51f0f8a2 5dd0317e3cef39611a1ffd9a100a7e4a5bbd0407a7a88cf39a7301bc5ef07ab8 Loading...

	w2.4hxn3e.shop/	Function	142 B	2025-03-09	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-09 03:44 Last Seen2025-06-02 00:26 Times Seen1701 Hash 170252f2a0a319c86387ee84e074957b 6d3390be05a3eb0f0dd039199f308c44a15a5d8b 7613b3ba74053bfffee654355a35378a14729cadf885b97504467297f5953f1d Loading...

	w2.4hxn3e.shop/	Function	142 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1694 Hash 0e13459ea0f3edc7daa4639b51942689 e0026dc739ac5d9eb8d68245f2069c0c3d471d55 d15f6d7f313bbed1fece0bd5a18ccf4446c8ccc70abaf6a6f09e46b068b82312 Loading...

	w2.4hxn3e.shop/	Function	225 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen2178 Hash 55dba00d48ab276e70e912b436b1b366 94e4ada12e8b7b9b67ee518ec82f514e6c31bd72 be2afb45ceadce5878c86228731c8474986b3c9606167d3ed07903718c16a9ca Loading...

	w2.4hxn3e.shop/	ScriptElement	62 kB	2025-05-09	2025-05-09
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-09 01:30 Last Seen2025-05-09 01:30 Times Seen1 Hash f7948b81321ee046e5c4c80ef5144220 bc0fbdd56961e6e1987f0cab1b94be9dc0970eb1 0881d0ba5bb5c51fc032b80a42be2205c547b2d4378f3fda5fcf07a8c0700843 Loading...

	w2.4hxn3e.shop/	Function	141 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1943 Hash 236c8588c8ead6ffb2f2571a5da3234b a86728eb463b0a2452e85790ee0f10f2d7c05aa4 0198ee64471586459d090b4fd09703e26c4352debcfbeec3160ce61a7dd0ad55 Loading...

	w2.4hxn3e.shop/	Function	144 B	2025-05-08	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-05-08 18:04 Last Seen2025-06-02 00:26 Times Seen1825 Hash 6833ef6be3dac026087ea900d920e4a7 ef246c5eb4d656e6684f0a8d5e4662fdb5791880 30dd8b30fcc244ffa8e45e79501c29f1c0835ad6afaa0e868345d57a47d6eb84 Loading...

	w2.4hxn3e.shop/	Function	144 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1791 Hash aa6affebd1468aa19f747eec2833cb7d 5d8a101d7535497d2ed8c26919ac7d34e9d7a32a 419e9d4d3f484cb923284ec4a5b7ebef176ac16dad90e84779facfc9a8112917 Loading...

	w2.4hxn3e.shop/	EventHandler	38 B	2023-04-17	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 00:16 Last Seen2025-06-02 13:17 Times Seen4883 Hash d313558795d5a89ada9c73c4e7c6d37d c66fa2f3b1a23d8b43d20357d6e391dfc18f492a baafb89d4a9938d8004739b2da4475c3d102f907a283f4b2774f752f24fcbce9 Loading...

	w2.4hxn3e.shop/	Function	154 B	2025-05-08	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-05-08 18:04 Last Seen2025-06-02 00:26 Times Seen1802 Hash 0e5fbf39ff826561d1d56557a8b33da7 aa5f1efdd724251cd0972f773eefe9a605f8ece3 15491b959052f0e4ac5c8b762b10e0f655018c5b6a5f8cb68bc8a5aa1f4e0d92 Loading...

	w2.4hxn3e.shop/assets/theme-1/RechargeDetailIndex.CGdCOwX9.js	ImportedModule	4.9 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/RechargeDetailIndex.CGdCOwX9.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen77 Hash f4973002004765075e85fccf281dbdd5 e076b639cd6649ac3144d891675b802d5ed87516 10f5565e6c72782965002bf77b220603c90cc6e59f3ad11a9a7dc8b6fe509616 Loading...

	w2.4hxn3e.shop/	Function	141 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1658 Hash 8af88587c3c477b39b6e8ffd7629b54a e96e7a6d2f8b799f2948ca439a1835e4bbb4cb31 348c7e508234b7d725d6b0535d02c4f6cd0a473c7f142e80d72a22ada8755d2e Loading...

	w2.4hxn3e.shop/	Function	143 B	2023-06-07	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-06-07 15:49 Last Seen2025-06-02 00:26 Times Seen1704 Hash 5acbe8ff03b35d066ed227294e179d65 47aa97fb9cdcbd839924491885b46abf364132bf 8dbae94755c823acc69a1bef2232b3cf59506cff7d166dfe979545313d367d2c Loading...

	w2.4hxn3e.shop/	Function	139 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1511 Hash 71bd35d98d668bf01cac35330665c5c2 74b95a8b8a2eec1f94ee78bdcc69113d1476b4c1 16e6c77e92a252d66ec0dde4369b4cd0ff96d86f460eacb111e3e5004852272a Loading...

	w2.4hxn3e.shop/	Function	143 B	2025-03-09	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-09 03:44 Last Seen2025-06-02 00:26 Times Seen1693 Hash 11158df6535bf8487a12e4804bf91ecd 4a923322897cfcd2e1d3097d28773e7ebb04dd73 0b5f962475de9c03fb3ddd008dbb67340e163c86761360527823ace3b87b86b0 Loading...

	w2.4hxn3e.shop/assets/vendors/vendor-bignumber.D7tUMeU1.js	ImportedModule	1.0 kB	2025-03-28	2025-06-02
Pretty URL w2.4hxn3e.shop/assets/vendors/vendor-bignumber.D7tUMeU1.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-28 02:56 Last Seen2025-06-02 10:19 Times Seen2754 Hash 24e1b480f3951619a35f28866838849e 34a086868ba816ea815698e52e80244dab052c94 8b67578ee0456b6a0a858a20a571658e89d1475ad1c3c43fedba508e9f0c88c0 Loading...

	w2.4hxn3e.shop/	Function	151 B	2025-03-19	2025-05-29
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-05-29 04:38 Times Seen2113 Hash aed291b3c45e6412941626e93e33c633 2759c3c197adfda85a312209baceb5521bdfd243 e0c2278a3bc4b79603430e0a8218e47a27ccac2597ff1e61e10178d08d6c1fe4 Loading...

	w2.4hxn3e.shop/	Function	136 B	2023-06-28	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-06-28 20:43 Last Seen2025-06-02 10:19 Times Seen2474 Hash 1d4700e7818854aec11dc4d0591f9626 33b2ac2baa38752d6f1edf04c37521182691204a 1d5965d8f785900972e887d8981bd26afd51aab614536dce2510a27167b51ff0 Loading...

	w2.4hxn3e.shop/	Function	145 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1851 Hash dd042e1df3c220b23657cf2337b5e977 fb56c4a9b2ddb9e1bfdae49bf977964671ae38b3 af3545729395154b99c7df9ce54750b4deab9af1b5a26fa957b688f2b9e020dd Loading...

	w2.4hxn3e.shop/	Function	145 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1534 Hash 3812238122aab4ad8dfeab3d8d863afa 83e1df3b67277c689b953335720ea3b28e8d7310 bb4ed438b88f16af66c2f833868a61b259b1ef739e35868a1156b3eba1fb1596 Loading...

	w2.4hxn3e.shop/assets/theme-1/2_EventDialogsChunk.DgiwuRqy.js	ScriptElement	101 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/2_EventDialogsChunk.DgiwuRqy.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 18:04 Last Seen2025-05-09 05:26 Times Seen72 Hash 4a50bc9528fad50c6e9a086ab8f578ec aab596927298b2e4d8b06b76f912d85496667a1c 2e891ab794c9a59515815a38730d6b736bb9a21716ae57f944e48acfea4500ff Loading...

	w2.4hxn3e.shop/	Function	131 B	2023-04-18	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 07:51 Last Seen2025-06-02 13:17 Times Seen3958 Hash b37caca13d43c34dcf1bcc82cc983135 8fd227d36547bc185c2886f0c3c9fc637c5b5f93 d43984886bc8873c7e118740c8024a8981fc6150aa53a54478978ff5094207b4 Loading...

	about:blank	ScriptElement	236 B	2025-05-09	2025-05-09
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 01:30 Last Seen2025-05-09 01:30 Times Seen1 Hash 1302cde63e172b323ec2e9109c4f49c3 e56031d4a68fd8c119f1668869f6778e9e9bd3f6 32b842fe3d0d3332de3432057e52be7660770bd30ccb289ae4baa2f62bed5f04 Loading...

	w2.4hxn3e.shop/	EventHandler	38 B	2023-04-17	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 00:16 Last Seen2025-06-02 13:17 Times Seen4883 Hash d313558795d5a89ada9c73c4e7c6d37d c66fa2f3b1a23d8b43d20357d6e391dfc18f492a baafb89d4a9938d8004739b2da4475c3d102f907a283f4b2774f752f24fcbce9 Loading...

	w2.4hxn3e.shop/	Function	157 B	2025-03-20	2025-05-31
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-20 05:10 Last Seen2025-05-31 22:46 Times Seen2161 Hash 56798a79a28a0e84f032b4fcbc7c58bb ba42aa08dce622ee103183b6294c08d37066d7e2 a8399ff56e68dfd3d999cf8b6aeb2f599de278fc144aa28d6898efe4611f9793 Loading...

	w2.4hxn3e.shop/assets/theme-1/2_TaskDialogsChunk.CHl45i3X.js	ScriptElement	6.9 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/2_TaskDialogsChunk.CHl45i3X.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 18:41 Last Seen2025-05-09 05:26 Times Seen62 Hash f511f3f31cdf3fe76c3162946fa32d91 683dfe1aaa1261e1f990bc16c601b2575c8a6921 5e1e8c84d494b81662673b5174eea96cafad91c09d135ca0673b51d362c36a7c Loading...

	w2.4hxn3e.shop/	Function	157 B	2025-03-20	2025-05-31
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-20 05:10 Last Seen2025-05-31 22:46 Times Seen2081 Hash 2531cb4ffc4a6bc985a0ea9fb157d7da b750e6e7060e1bdbfe062c926e7d168b11b3aed7 8d1c1a70785c21b22caa8a307a6449c225bcc98a13b0ff7323c12b919c810774 Loading...

	w2.4hxn3e.shop/assets/theme-1/BlindBoxIndex.wtYR0s-Q.js	ImportedModule	3.0 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/BlindBoxIndex.wtYR0s-Q.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen83 Hash 8cc82b9659eccadedf7ad5d572836c1e 23d2b2ddff737de33880a1b817e37b11fb0a44c9 8af620af9fd92f05ada1219b635117ba9896c42e4f12c27a4738ac823b71cea7 Loading...

	w2.4hxn3e.shop/	Function	144 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1627 Hash 18556f4b1a57b7d4c5900bb487f0e63a 26360204c8e82c05741b820a863bba1f2d46d39b d7ed28de108a90547b3dd98691d71a1d9b09eacc820c57d30f682060dfc98aad Loading...

	w2.4hxn3e.shop/assets/theme-1/FindUsIndex.DJcNTMqH.js	ImportedModule	4.5 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/FindUsIndex.DJcNTMqH.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 18:04 Last Seen2025-05-09 05:26 Times Seen73 Hash e1e2113be68e5d2f8b433e2b33ca302e 7811effd95a045a20de7704a632c5a546aeff4b8 3f3eed1134d199a2f004c4a32e9cb344b6fcba9f9043e28d9ca77aa8e67cb066 Loading...

	w2.4hxn3e.shop/assets/locales/vi.Bhn6U9X3.js	ScriptElement	1.3 kB	2025-04-15	2025-05-16
Pretty URL w2.4hxn3e.shop/assets/locales/vi.Bhn6U9X3.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-15 10:41 Last Seen2025-05-16 06:42 Times Seen406 Hash 4460db0dee3c8771059ca91e91d83a25 8a575a8308531850d83757ed03422454d3ecf6bb 082f65745013ce1aa6c77a514732c7943960fe23480917a6dc28484a1d36c73a Loading...

	w2.4hxn3e.shop/	Function	139 B	2023-04-13	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 07:32 Last Seen2025-06-02 00:26 Times Seen2229 Hash 3a32d7682eb9bd55d35085564532fa03 2b7ff3008159f1023261356be04307abf535a049 9e0db488ebfa650c14f73cf6013dd2ff070581f9c8af141a9f2db3bc527f1915 Loading...

	w2.4hxn3e.shop/	Function	155 B	2025-05-08	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-06-02 01:12 Times Seen2090 Hash 52b87641ec2f2dd4fed4c9e2010f50bd dce3ca76aa314e4fcfb054d9e15c67352eae1c11 2d361f32919825d94ff16a632197ee459bf9776834ca81a9ff5d9eaeb027cb85 Loading...

	w2.4hxn3e.shop/	Function	136 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen2024 Hash fd89a7566803f5a955e539138ee2ad2c 453972e398e41509d34d67eeb790419162d6c253 8fa93ca01e07bbae7e13c210e6f6cedd275b81a4a58e34cc737d69de858c3218 Loading...

	w2.4hxn3e.shop/	Function	158 B	2025-03-23	2025-05-31
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-23 10:10 Last Seen2025-05-31 22:46 Times Seen2007 Hash 425b414873a4d41a77a9027b74d64926 1cdc9df5fa052a568f685ce7716d8b51eb005ba1 cecf307ab10d69efb831cefc4fecbe99e75341f8faba88a2518ea8c9840905a4 Loading...

	w2.4hxn3e.shop/assets/theme-1/polyfills.Crp8tAJV.js	ScriptElement	107 kB	2025-04-22	2025-05-29
Pretty URL w2.4hxn3e.shop/assets/theme-1/polyfills.Crp8tAJV.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 22:10 Last Seen2025-05-29 05:13 Times Seen2694 Hash cc009964ef29096a9b7b80c259ec4263 e20cffe3f7245e4efc0546ec9d5d90715c4c80d5 cc7616f04806da4154790e05261879e1873132592bf71a37f6495daf87bd4b90 Loading...

	w2.4hxn3e.shop/	Function	142 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1714 Hash f7cb2926d03168de937c2ba018fa8a83 3610b76d4a0ce9a957931df94264c858dc2cfed5 d81e0f1d0bdb243983219617e956d1720154f1b7af5b11d82bfbfb6ba942a9c3 Loading...

	w2.4hxn3e.shop/	Function	143 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1616 Hash a8c3091b17a621f9c0697c1034065c17 7e322d8c93cb3afe8f19982a5f6cbef736558c5e 166a1b9dc21eaa1108e20233c5c2055796f33ba03facd313a070b26702415013 Loading...

	w2.4hxn3e.shop/	Function	211 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen2076 Hash 051ecfe56a70e2dae279b92734714dc2 9e3ec38f4569cf84729cbb8cab063418b98396fb b6a7bac1e180b7bf77e8c579bcdcbca22fc97a35370b674fa5a47b7a3d2c7977 Loading...

	w2.4hxn3e.shop/assets/theme-1/FindUsIndex.CtR8ZZHo.js	ScriptElement	4.5 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/FindUsIndex.CtR8ZZHo.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 18:04 Last Seen2025-05-09 05:26 Times Seen73 Hash 3afe1b93a0499f0d74b4daf3adf0edf3 92631d48b4ee98a0f0da4c525bbd230ffbf683e7 4388bbc52aec3623e4d1cff19e56eecde70b5ed42848d481aecf9874362c1c85 Loading...

	w2.4hxn3e.shop/	EventHandler	38 B	2023-04-17	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 00:16 Last Seen2025-06-02 13:17 Times Seen4883 Hash d313558795d5a89ada9c73c4e7c6d37d c66fa2f3b1a23d8b43d20357d6e391dfc18f492a baafb89d4a9938d8004739b2da4475c3d102f907a283f4b2774f752f24fcbce9 Loading...

	w2.4hxn3e.shop/assets/vendors/vendor-.BTvCGXRh.js	ImportedModule	1.0 kB	2025-04-09	2025-06-02
Pretty URL w2.4hxn3e.shop/assets/vendors/vendor-.BTvCGXRh.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-09 05:27 Last Seen2025-06-02 10:19 Times Seen2745 Hash 1ebb1b3e4af21bfe1e4fbd08fa0a62c7 58716980f5c6784b14ab4d2f1e05c1c294442da3 55a1d488ecf2af693feef4ed53e2edf4e63d8bdca6867731939b534dfd2159d8 Loading...

	w2.4hxn3e.shop/assets/theme-1/SearchIndex.B_b7VnDH.js	ImportedModule	216 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/assets/theme-1/SearchIndex.B_b7VnDH.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-19 06:34 Last Seen2025-06-02 10:19 Times Seen2824 Hash 502d7c3b0a73f2bfeb8cd9b372a0a1a7 d06a92f3f7e9877ef323206ef6959d512ea2a9bd 9b7f32b05c0c7e0c3652f2783bb456f093ae226266c1edc9be637cfac80d72b8 Loading...

	w2.4hxn3e.shop/	Function	324 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen2166 Hash 0bf794fcbf8399a572f47dba23e5e43b 738b8a9172b94fc02f440802705120ddedd5ca75 dfbec055284df5af527b0bc337b617884c5b83ab38872152ff1652556b0398bb Loading...

	w2.4hxn3e.shop/libs/monitor/index.js?ver=1.0.1	ScriptElement	2.1 kB	2025-01-16	2025-06-02
Pretty URL w2.4hxn3e.shop/libs/monitor/index.js?ver=1.0.1 IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-16 00:37 Last Seen2025-06-02 13:17 Times Seen3655 Hash d9b6967f11e6052d0648615948ac25e7 fe871b15b6cc0b674e0181846cf06bc86d3cfacd 2632728f1046cea4040886a9f047746fb17385846606fb8a6dbf3558cdab9ad7 Loading...

	w2.4hxn3e.shop/	Function	131 B	2023-04-18	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 07:51 Last Seen2025-06-02 13:17 Times Seen3958 Hash b37caca13d43c34dcf1bcc82cc983135 8fd227d36547bc185c2886f0c3c9fc637c5b5f93 d43984886bc8873c7e118740c8024a8981fc6150aa53a54478978ff5094207b4 Loading...

	w2.4hxn3e.shop/	Function	143 B	2025-05-08	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-06-02 00:26 Times Seen1932 Hash 57f51eda6b754f8ffed84b71ae2e761c 57c3d2b68978f9e338d618ded6946739c5d35eed 016a51616fdc6ce9e5dc0dbc72aa2f194769c430d50e9c53c7dcafe02ef9f0c1 Loading...

	ntk16.hcm660.com/	ScriptElement	118 B	2025-03-19	2025-06-02
Pretty URL ntk16.hcm660.com/ IP 104.21.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen2316 Hash c15189674a1f088bbf3824252d3f1d8a 0a39b6a313f0bfa5452ac745a34508566dee834b 60611ff57a79e5a1b3a52b43ebac36bcd9651b01536b45fed8c80701eb74e0ba Loading...

	ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.4 kB	2025-05-09	2025-05-09
Pretty URL ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 01:30 Last Seen2025-05-09 02:22 Times Seen4 Hash 5b0fd8f8f3ba19c04b38a6a72da4e8d9 1e9d303434df80c6c2cbc13a7b69358febba35d0 87ed946a93fc59fedd76555b3404540dd4184bbe1526cf167f20cbe458ff15fb Loading...

	w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js	ScriptElement	1.0 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen82 Hash 0d9b87b6b49b7c16aa1dd27311f5df08 14dab01b8093a73ab6ca7daa32b0c43bffd56b06 83b832e09941ec94b90454447dc46e54e9e91de1223372ad84c0419fb58deee5 Loading...

	w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js	ImportedModule	1.0 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen82 Hash e8851c81303145a23b4a1fd047a9991d afdd12586bf375a55f914fa8bc017ef49ec27334 556a59495a07f107113e528cc50a260acaa614eedfa527a5987d97b69c7fb399 Loading...

	w2.4hxn3e.shop/	Function	138 B	2023-12-02	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-12-02 09:04 Last Seen2025-06-02 00:26 Times Seen1885 Hash fea40f8cd0b564b2ae9cda824c24f72d 0f19ce2cad9aece9da132f2e132788d3bb7325ae f39dd4a15f8f38f3039c7aa962ab1d7c7f68d70850ae064e5941f965a5090178 Loading...

	w2.4hxn3e.shop/pages/403/index.html?logId=page-403-log&payloadId=page-403-payload&title=HCM66&t=5822515	ScriptElement	81 kB	2025-03-19	2025-05-31
Pretty URL w2.4hxn3e.shop/pages/403/index.html?logId=page-403-log&payloadId=page-403-payload&title=HCM66&t=5822515 IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-19 06:50 Last Seen2025-05-31 22:45 Times Seen1494 Hash 9306f39b73d4356a029c3ef33d466d5c f061c41f73881ec3016bd54e657fd09670e2a4ad 101aa0e4587f28b4ff96a02abf5d6a3fce78a994190d87eccf4f9c34dafcd829 Loading...

	w2.4hxn3e.shop/	Function	143 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1971 Hash 1d4433515ba5a48792dddef134bfb627 6a89841fe74e0fac7622f02dac0180e6b3ecf612 11de44aa46c81d184cb0c2c0db7aabda15d4121c219acf7a106c42ff9038050d Loading...

	w2.4hxn3e.shop/assets/theme-1/WithdrawRecordIndex.LYDYXLyj.js	ImportedModule	1.3 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/WithdrawRecordIndex.LYDYXLyj.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen77 Hash be8a70e4f24ffaa9c8be3ece7b2242b5 0feeee9bb82e77d1c6db01bff28189e72f9d521c e51e0c01be8dbeaa9b6a72c3f2cfe3861205149fe36d8270b9e4c2ef848c68b4 Loading...

	w2.4hxn3e.shop/	ScriptElement	2.4 kB	2025-04-28	2025-05-16
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-28 19:49 Last Seen2025-05-16 09:18 Times Seen1695 Hash cb1a7ebed3e9e07eb1d1e8dcb36568b9 aa4259f23427b847a49a8707b194057b454d8bbe 1a3507302a7983dc90023f6dd360da65f55809fbc7a3ef9ef95eab419bf0b49f Loading...

	w2.4hxn3e.shop/	Function	153 B	2025-03-22	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-22 15:35 Last Seen2025-06-02 00:26 Times Seen2056 Hash ea0471119136448a25f9a37f9ea9df9c 4f411a7ebf1b143906b9eca11c05303cc92c8487 280ef9aa25ac6ecae4a1ba7ee34bdbb6fd4bb8cdbc45dcf5db200971ae080a2a Loading...

	w2.4hxn3e.shop/assets/theme-1/StyleIndex.CcIU4Plm.js	ScriptElement	66 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/StyleIndex.CcIU4Plm.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen83 Hash fa1f3079721abf0d4e28e2b256e77947 6e04364747ff5948bba872b174bc5e5a5bf9bf55 daa80f7ae2bce1b87c384e3c0727f117a206c9b02bfa1175d915ff3e92d8ea92 Loading...

	w2.4hxn3e.shop/	Function	131 B	2023-04-18	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 07:51 Last Seen2025-06-02 13:17 Times Seen3958 Hash b37caca13d43c34dcf1bcc82cc983135 8fd227d36547bc185c2886f0c3c9fc637c5b5f93 d43984886bc8873c7e118740c8024a8981fc6150aa53a54478978ff5094207b4 Loading...

	w2.4hxn3e.shop/	EventHandler	38 B	2023-04-17	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 00:16 Last Seen2025-06-02 13:17 Times Seen4883 Hash d313558795d5a89ada9c73c4e7c6d37d c66fa2f3b1a23d8b43d20357d6e391dfc18f492a baafb89d4a9938d8004739b2da4475c3d102f907a283f4b2774f752f24fcbce9 Loading...

	w2.4hxn3e.shop/assets/theme-1/FastEntryIndex.BwxKAflk.js	ImportedModule	2.5 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/FastEntryIndex.BwxKAflk.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen83 Hash 6db2d1413f92bd2ac3db455843143937 69726c206715f8d4c67b41c220aa233978266996 c61be1fca96ee1be76ed53153b64c4603ab6b8757624f246bf723f41df73e4ad Loading...

	w2.4hxn3e.shop/assets/theme-1/2_DownloadDialogsChunk.CmXLXoCB.js	ScriptElement	34 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/2_DownloadDialogsChunk.CmXLXoCB.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 18:04 Last Seen2025-05-09 05:26 Times Seen73 Hash 88410a92e7757918668dfd1fa4b972b3 1f7c3b6f620a88546a2b22800282da9b0a4ef95b 5bc177dee4a7f6d32b4869e2e63484a8be505a094c26e449671a5058724c66ea Loading...

	w2.4hxn3e.shop/assets/vendors/vendor-@sentry.6viaZao7.js	ImportedModule	1.0 kB	2025-03-22	2025-06-02
Pretty URL w2.4hxn3e.shop/assets/vendors/vendor-@sentry.6viaZao7.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-22 10:16 Last Seen2025-06-02 12:54 Times Seen3150 Hash 5add043f22253de748a2bf954cea59da 161760436c2a95e7ad3e6a2e922461749357b7d0 a39581d52aa2feeae11b7d9cdee964117205cc5f68cf10445c1864a3d527b904 Loading...

	w2.4hxn3e.shop/assets/theme-1/ApplicationIndex.Cp10XnQG.js	ImportedModule	1.5 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/ApplicationIndex.Cp10XnQG.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen83 Hash ce68efcbf40902801a9b4a628d648a46 f310ce4d129705a48ef098e85a3894bee339dcc5 68162f6acfc0f70e131b6362c303c08242c2676319aff058559a32c8f4fcccb6 Loading...

	w2.4hxn3e.shop/	Function	141 B	2025-03-09	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-09 03:44 Last Seen2025-06-02 00:26 Times Seen1756 Hash 2dcaabaab1bdf77f18953b6f6e3494d6 505307e10c178950721fc86da9d7d131e08a8c74 0ed906415c6ee177e31f065346fa1f7e74269720fe220d7397e2858a8c9ec381 Loading...

	w2.4hxn3e.shop/assets/theme-1/StyleIndex.CeAizi4D.js	ScriptElement	74 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/StyleIndex.CeAizi4D.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen77 Hash 7c511da35ff34453847f4e3676ef5fab f3b3a1f56331a0964e503da841f006b0bce20b51 4233200d957359f8194deb1cfbaa6f7d0102fab1017aa0149f18a27dbe6e07fe Loading...

	ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.4 kB	2025-05-09	2025-05-09
Pretty URL ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 01:30 Last Seen2025-05-09 01:47 Times Seen2 Hash 4e6b9f848607e053ff29c3acbafed7ae 6f6b524c66a8573af9b67bfc54ade75df6202517 838042eba57dcea390f64400abaa5066f6213f0c415b6c2782b1e048ddc82473 Loading...

	w2.4hxn3e.shop/assets/vendors/vendor-stable.DbXiLqro.js	ImportedModule	1.0 kB	2025-05-08	2025-05-13
Pretty URL w2.4hxn3e.shop/assets/vendors/vendor-stable.DbXiLqro.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-13 08:46 Times Seen1400 Hash 59dcdb8cd6d8ac4477d5da9fcc9249f0 8895d2e48122aebda886b7882d8fd232ab51d5c8 1f2b037b0268852c7fa60e1e3735d427d870303df9786971f83fe1918e468d27 Loading...

	w2.4hxn3e.shop/assets/theme-1/PureListIndex.CkMT4Ie1.js	ScriptElement	66 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/PureListIndex.CkMT4Ie1.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen83 Hash 4c40b14409f991d000b5aea14deb1591 903ba060b3b4f963a078da89adf7e7b3dd3929c0 dc426aaa066d212665cd7385b083e478e61fa60ac109d8d4a66e7f1b9988d971 Loading...

	w2.4hxn3e.shop/	Function	136 B	2023-07-14	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-07-14 08:52 Last Seen2025-06-02 00:26 Times Seen2005 Hash a39b5ff589ae67a49f0f4bbea75fa0ea 0f45ec9451ac9f73f27f52e89128f3b2b374db12 46a0fa78a104a1c19b1d3e1c4f6235ad61d83af59abffece54765565ca01e6f8 Loading...

	w2.4hxn3e.shop/	Function	137 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1589 Hash e455048352aabad5f0c339e1cca4d3d5 e043b51a4bf97b874268f486c4bf515eb7fe1c3e 513a0d30cf0e8afe3e04ce7db12bb02d9887591a195d3ccf13b3a7c8db4f72b2 Loading...

	w2.4hxn3e.shop/assets/theme-1/IframeIndex.Ce8SQIBG.js	ScriptElement	2.3 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/IframeIndex.Ce8SQIBG.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen73 Hash 2fd79ef128c6832a5840529be1a0e0c1 4e00d70f7f5763e78f7d6f450d210a4027acc4c2 f44def64ab2af680a22b046e4d7efd8239aadf8b621e45fc67aa04f64bef1fed Loading...

	w2.4hxn3e.shop/	Function	155 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1988 Hash 45e5be79b1e15dfce9d219b7cbbda9fd 578623b1c38cc0daa3e9f3da02301f9fa6c0bf9f b330e9c093a60086fd92caba7912b4b31c59f950bc8b82bb9d82375eb632196b Loading...

	w2.4hxn3e.shop/	Function	146 B	2025-03-09	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-09 03:44 Last Seen2025-06-02 00:26 Times Seen1886 Hash dad870c0e72000ea0c41e565b8ad84ad bf8f2f1c8668972422ad7124c10a6a8eee851206 365296989dea408baeebb41916ae220b91ce8567c1123541fe9fed361b4621af Loading...

	w2.4hxn3e.shop/	Function	791 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen1599 Hash 665da31177265f15f06beaa7c58c25dd 46b4d1d76f115257ed5b309735cd8d553e38706c 59be5a302ed6f89115a0f3d651173085cd05800f376cbee8984f2dd1bf1a4bf9 Loading...

	ntk16.hcm660.com/	ScriptElement	4.0 kB	2025-03-19	2025-06-02
Pretty URL ntk16.hcm660.com/ IP 104.21.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen2316 Hash ee2a6d5bece875ce5fe3156390a0b0b1 c4f18527345d04104cb682c4d28a6fa43e45469a 11b24be34926027857f8a64fae0887d27a40bd7ccae88bb6f78b74c4389d699e Loading...

	w2.4hxn3e.shop/assets/theme-1/PromoteIndex.Cba_qNcW.js	ImportedModule	1.0 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/PromoteIndex.Cba_qNcW.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen82 Hash 06d5b28e8be8399ee077a97d6b7a6989 1ee77b1f59f64b1b3da9f35e6074548cd4ea99c9 03ef2f6b8e934e89450b0c4645c387d86b0131f8cc3a92eef47753f6d700dfd7 Loading...

	w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js	ScriptElement	59 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen78 Hash 151408df4ab14f9b4d4169376526fc7e bf2fdbc55ed3281beddaf4e29f3d80ac8eca068d a731bc5ab37d517b4ca15e7a7eaca1fffc0d4893e13f03a43d8e118067261769 Loading...

	w2.4hxn3e.shop/assets/theme-1/SportParlayIndex.DIsyCrwd.js	ImportedModule	442 B	2025-04-23	2025-06-02
Pretty URL w2.4hxn3e.shop/assets/theme-1/SportParlayIndex.DIsyCrwd.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-23 23:18 Last Seen2025-06-02 09:26 Times Seen2467 Hash a9cbafb66138ca969a1ab6b126fbd579 d0051ffa16ef741b34502eb7e13dfbca9d992939 d7a39fe00fffa184a5b6ea50d242cc9f966a6b1dd553c40aa957feba8b0a466c Loading...

	w2.4hxn3e.shop/assets/vendors/vendor-swiper.LJkawljk.js	ImportedModule	1.0 kB	2025-03-25	2025-05-29
Pretty URL w2.4hxn3e.shop/assets/vendors/vendor-swiper.LJkawljk.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-25 19:45 Last Seen2025-05-29 05:13 Times Seen2850 Hash 55b37372d44a8cd6be3e7cb0390521d5 ce9819b22ceb6a83be4f389fe4a5d7449988abd9 141fee7dfc2bfbd9978c4ac64c83b9e0b2ffdca4ce6ff613e4ae00dd6af81e82 Loading...

	w2.4hxn3e.shop/	Function	148 B	2025-05-08	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-06-02 00:26 Times Seen1985 Hash 1abc76bb2e41cd276587ff0169d6678b af4b5c1fbbacc410b35ae2a6799f73ffd51d4a39 98126c5db47721f0eb527931dfd0510ef1f1fad36ca3d194b2d0afc25b161737 Loading...

	w2.4hxn3e.shop/assets/theme-1/LoginVerifyIndex.CEOidabG.js	ImportedModule	435 B	2025-05-08	2025-05-12
Pretty URL w2.4hxn3e.shop/assets/theme-1/LoginVerifyIndex.CEOidabG.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-12 08:45 Times Seen989 Hash 09da04383707f0434f48c443dc1b4b7b e07e4da9f07bd65610f4ce7cf50f162eb9b9599d 085d9c96aa94839a588d55e536dd322246c7cb77191acb519b9d602589ebd2fe Loading...

	about:blank	ScriptElement	236 B	2025-05-09	2025-05-09
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 01:30 Last Seen2025-05-09 01:30 Times Seen1 Hash 9113963c26eba411ec6757006bf84393 a0495f92e73ff8a0b8d075970071ef2cc3c4b58a f2dd51c90c86c775be21e3a3882eebebae15d7a06916c3a973ed0e12aa198bf1 Loading...

	w2.4hxn3e.shop/assets/theme-1/vendorChunk.D7TmZIHS.js	ImportedModule	2.5 kB	2025-03-06	2025-06-02
Pretty URL w2.4hxn3e.shop/assets/theme-1/vendorChunk.D7TmZIHS.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-06 10:43 Last Seen2025-06-02 13:17 Times Seen3570 Hash 385b3d981ec180895499bf90ddf50d6e e5792ad0f1df4971a60ae8d62173d3780ce00a87 cb6bc7e686c808edcebf111fdd042eb43fcd55019b65446925718de269be1709 Loading...

	w2.4hxn3e.shop/	Function	185 B	2025-03-19	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2025-03-19 06:50 Last Seen2025-06-02 00:26 Times Seen2168 Hash 50a2db3d077e467a9f89e4a8cdc09e9b 99c6a08e4ef15d03fd3ab3446f2a364ffe11060f be8377b155dc8b70418719b09f55440cda5b42196d4bd2f93056851fc5ee5c1a Loading...

	w2.4hxn3e.shop/assets/theme-1/ForgetPasswordIndex.5yrlCiPo.js	ImportedModule	2.8 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/ForgetPasswordIndex.5yrlCiPo.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen77 Hash 52112196c9c8cc2b52aaaa6dbaece335 cd132d771b2c696f4150a8c1d50e7b8eb1b8d967 a8579306458f3b34ea0e0d8b5352bf2cb5e08dd7930c994c49376e42c90b8d79 Loading...

	w2.4hxn3e.shop/	Function	131 B	2023-04-18	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 07:51 Last Seen2025-06-02 13:17 Times Seen3958 Hash b37caca13d43c34dcf1bcc82cc983135 8fd227d36547bc185c2886f0c3c9fc637c5b5f93 d43984886bc8873c7e118740c8024a8981fc6150aa53a54478978ff5094207b4 Loading...

	ntk16.hcm660.com/	ScriptElement	921 B	2025-05-09	2025-05-09
Pretty URL ntk16.hcm660.com/ IP 104.21.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-09 01:30 Last Seen2025-05-09 01:30 Times Seen1 Hash a3bc5c6533f3f2c811a9635c2928b800 960936240dac9ae14e3858ac67cc5ff7d203d8b7 e5e1240625307ecf6c557b144a06251253bfbc16937f19ddbd4a1ec50f7fddf0 Loading...

	w2.4hxn3e.shop/	EventHandler	38 B	2023-04-17	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-17 00:16 Last Seen2025-06-02 13:17 Times Seen4883 Hash d313558795d5a89ada9c73c4e7c6d37d c66fa2f3b1a23d8b43d20357d6e391dfc18f492a baafb89d4a9938d8004739b2da4475c3d102f907a283f4b2774f752f24fcbce9 Loading...

	w2.4hxn3e.shop/assets/theme-1/EmbeddedIndex.wm5PQlhD.js	ImportedModule	1.1 kB	2025-05-08	2025-05-09
Pretty URL w2.4hxn3e.shop/assets/theme-1/EmbeddedIndex.wm5PQlhD.js IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by importedModule Embedded in HTML false Observations First Seen2025-05-08 17:14 Last Seen2025-05-09 05:26 Times Seen83 Hash f507a5c65b9a5e7c2e904a760fb0832d 49617b273966492e7df1f8461d294b437c5bd3e5 2c958e43cf1635ce5da36033a306b27440c2c65ac40c9cfc2b73986c9023071a Loading...

	w2.4hxn3e.shop/	Function	131 B	2023-04-18	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-04-18 07:51 Last Seen2025-06-02 13:17 Times Seen3958 Hash b37caca13d43c34dcf1bcc82cc983135 8fd227d36547bc185c2886f0c3c9fc637c5b5f93 d43984886bc8873c7e118740c8024a8981fc6150aa53a54478978ff5094207b4 Loading...

	w2.4hxn3e.shop/	Function	149 B	2023-12-02	2025-06-02
Pretty URL w2.4hxn3e.shop/ IP 34.144.193.180 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by Function Embedded in HTML false Observations First Seen2023-12-02 09:04 Last Seen2025-06-02 00:26 Times Seen1515 Hash 70d546037b9c15386f51db1f5f646764 071a0413956b699529a3fac59cc432b0b8a2caf3 ece4dee6aea78261bed990e699bbdcba87ab1f51755afabb506bef9f48778264 Loading...

		Size	First Seen	Last Seen
	#1 Write - 13a4766504533da79aabcb5591069a59	255 B	2024-10-18 17:58	2025-06-02 00:26
Pretty Observations First Seen2024-10-18 17:58 Last Seen2025-06-02 00:26 Times Seen2317 Hash 13a4766504533da79aabcb5591069a59 5618f340f62ad510389bd7110688c94f4f486df8 391b9b02fe83712b298f8f5685a1edf3cc55207d73987beefdcd0ac7c2a3faa0 Loading...

	#2 Write - 85955b6bcdf5213694a80efdfc4f266e	248 B	2024-12-12 23:47	2025-05-27 05:25
Pretty Observations First Seen2024-12-12 23:47 Last Seen2025-05-27 05:25 Times Seen189 Hash 85955b6bcdf5213694a80efdfc4f266e dfe5d19420ed64816b3787f9bc13b240a8f3fa65 ff036f8ff6bc049a211a7be530de7aaea4634f58eac4d361ea4f6ae774a39918 Loading...

HTTP Transactions (186)

	URL	IP	Response	Size
	ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js?	104.21.96.1	200 OK	8.4 kB
URL GET ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js? IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/ Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type JavaScript source, ASCII text, with very long lines (8367), with no line terminators Size 8.4 kB (8367 bytes) Hash 4e6b9f848607e053ff29c3acbafed7ae 6f6b524c66a8573af9b67bfc54ade75df6202517 838042eba57dcea390f64400abaa5066f6213f0c415b6c2782b1e048ddc82473 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js? HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8; uUrl=w2.4hxn3e.shop Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:29 GMT content-type: application/javascript; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSTPBjzsUCx9WkoGvQRAbiaUG40f3yGbK5iruc6x8Wzqji2jdGPCWJf3yulvrgUz2MKAUiJn8qVSSCU3yKlnBsPTnJka2yaY%2Ft7HYNFi5F6uWpwKeD6OQkAX8DyjCmnRct9Z"}],"group":"cf-nel","max_age":604800} cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public x-content-type-options: nosniff content-encoding: br cf-ray: 93cd6e8eb98a568b-OSL server: cloudflare vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=5142&min_rtt=1397&rtt_var=4861&sent=31&recv=25&lost=0&retrans=0&sent_bytes=11117&recv_bytes=3234&delivery_rate=64755&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=659&x=16"

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/web/common/btn_zc1_2.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	809 B
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/web/common/btn_zc1_2.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 809 B (809 bytes) Hash fe5be5352845740b75590eeb27cf8e98 2338c2a6d5b957e181089fcd62df62ff95af7914 0fa17cc174883b05cfd546b94574585333dc022e7430e86a83354bc2b0da9c87 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-11/web/common/btn_zc1_2.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 809 x-oss-request-id: 681CACECB724A511D3CEC82B vary: Origin, Accept-Encoding etag: "FE5BE5352845740B75590EEB27CF8E98" last-modified: Wed, 07 May 2025 10:16:57 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10579611477085031381 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: /lvlNShFdAt1WQ7rJ8+OmA== x-oss-server-time: 4 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea77be4b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2222.com/siteadmin/ssocdn.txt	54.240.174.8	200 OK	2 B
URL GET cdntoos.hcm2222.com/siteadmin/ssocdn.txt IP 54.240.174.8:443 ASN #16509 AMAZON-02 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2222.com FingerprintD7:4B:C7:AA:DE:23:25:38:F5:EB:A6:22:5C:1D:54:7A:1A:4F:E4:71 ValidityFri, 27 Sep 2024 00:00:00 GMT - Sun, 26 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash a60852f204ed8028c1c58808b746d115 b0a98216a32426b9e66a4ac1eb6df2e96e1b495c 843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c HTTP Headers `GET /siteadmin/ssocdn.txt HTTP/1.1 Host: cdntoos.hcm2222.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/plain content-length: 2 server: AliyunOSS x-oss-request-id: 681B275C304E2E95F8F019B6 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Thu, 25 Jul 2024 03:06:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13902551060587900831 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: pghS8gTtgCjBxYgIt0bRFQ== x-oss-server-time: 2 date: Thu, 08 May 2025 13:05:47 GMT cache-control: max-age=86400 etag: "A60852F204ED8028C1C58808B746D115" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: gZoFua-18Gpogh5h0WvcA1YQnGeFBR6ObOpPeJEeFl6HfLNgCDYCwQ== age: 44691 X-Firefox-Spdy: h2

	cdntoos.hcm2211.com/siteadmin/ssocdn.txt	0.0.0.0		0 B
URL GET cdntoos.hcm2211.com/siteadmin/ssocdn.txt IP 0.0.0.0:0 ASN #0 Requested by https://w2.4hxn3e.shop/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /siteadmin/ssocdn.txt HTTP/1.1 Host: cdntoos.hcm2211.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js	34.144.193.180	200 OK	1.8 MB
URL GET w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (56403) Size 1.8 MB (1822008 bytes) Hash 3a7d815bc9cf182fe50c87fbb3d30d3b da53e1bc92ccda1a0fe65209051db62284f582d9 9d6aef0e8fa8f2e1787075486e3848ec728a944765dc48174e970b8e1dc88b59 HTTP Headers `GET /assets/theme-1/commonChunk.CbstCaL4.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72C5841FF3134DB92C9 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 7607202021852197235 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: On2BW8nPGC/lDIf7s9MNOw== x-oss-server-time: 13 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"3A7D815BC9CF182FE50C87FBB3D30D3B" content-type: text/javascript vary: Accept-Encoding age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/upload/img/1805897433322795010.avif	104.18.24.129	200 OK	24 kB
URL GET o566mch.hcm665.com/siteadmin/upload/img/1805897433322795010.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Sequence Size 24 kB (23933 bytes) Hash e1f5a2c25ccb57d109b3873d90635d2d cdac52d01ab4aedb862df210a87aea48e072a7cf 7a5189e7a0d2cd9cc5b8a2a6beb7cf5819b24bc23a7b4c65816348c8b033e495 HTTP Headers `GET /siteadmin/upload/img/1805897433322795010.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 23933 x-oss-request-id: 681C0E6DCD3972C8C20501A0 vary: Origin, Accept-Encoding etag: "E1F5A2C25CCB57D109B3873D90635D2D" last-modified: Fri, 16 Aug 2024 02:49:36 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1481129568811392988 x-oss-storage-class: Standard cache-control: s-maxage=86400,max-age=1800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: 4fWiwlzLV9EJs4c9kGNdLQ== x-oss-server-time: 46 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea6bb8db503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/layoutDesign/1728774269309186050.png	104.18.24.129	200 OK	1.7 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728774269309186050.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 1.7 kB (1728 bytes) Hash 1596f777caeaa626ff6ab488bfab850f 4bc1204493f0544e8b27b56d8fa021baa67e8941 fae6c0dac5882e0220f61592adb6869cb77169bbb979d85badfec1cc98a7c137 HTTP Headers `GET /siteadmin/layoutDesign/1728774269309186050.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 1728 x-oss-request-id: 68178B9340D0029A5C830D89 vary: Origin, Accept-Encoding etag: "1596F777CAEAA626FF6AB488BFAB850F" last-modified: Sun, 26 Nov 2023 13:54:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 11314776702876108948 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: FZb3d8rqpib/arSIv6uFDw== x-oss-server-time: 16 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea81c2eb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/game_pictures/g/CL/200/3/2000087/default.avif	104.18.24.129	200 OK	12 kB
URL GET o566mch.hcm665.com/game_pictures/g/CL/200/3/2000087/default.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 12 kB (11757 bytes) Hash f592da8e3a28898c8a2712300581ba19 c780d650f0b395e162b591565f15b431527bce23 a23f84a43965952d61f63283d2f09c0f8020313e6e5304db1149a74c417c77ba HTTP Headers `GET /game_pictures/g/CL/200/3/2000087/default.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 11757 x-oss-request-id: 68178F22F53B5C3C9FA132F8 vary: Origin, Accept-Encoding etag: "F592DA8E3A28898C8A2712300581BA19" last-modified: Wed, 26 Feb 2025 02:14:16 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 11034582195939746175 x-oss-storage-class: Standard cache-control: max-age=1800,stale-while-revalidate=86400,immutable,proxy-revalidate,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: 9ZLajjooiYyKJxIwBYG6GQ== x-oss-server-time: 1 cf-cache-status: HIT age: 573 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa6d23b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm2244.com/hall/api/agent/promote/pointer/domain	104.18.25.129	200 OK	0 B
URL OPTIONS hcm2244.com/hall/api/agent/promote/pointer/domain IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /hall/api/agent/promote/pointer/domain HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,content-type,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: application/octet-stream content-length: 0 set-cookie: acw_tc=0a0cca9517467542381684122e3fb6d4bffbba294e8423eb3f230dd4935411;path=/;HttpOnly;Max-Age=1800 access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * access-control-allow-headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,content-type,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version cf-cache-status: DYNAMIC server: cloudflare cf-ray: 93cd6ec3e851b51b-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	o566mch.hcm665.com/siteadmin/ssocdn.txt	104.18.24.129	200 OK	2 B
URL GET o566mch.hcm665.com/siteadmin/ssocdn.txt IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash a60852f204ed8028c1c58808b746d115 b0a98216a32426b9e66a4ac1eb6df2e96e1b495c 843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c HTTP Headers `GET /siteadmin/ssocdn.txt HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: text/plain content-length: 2 x-oss-request-id: 681CBE0DDA25D3580DF75E24 vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: "A60852F204ED8028C1C58808B746D115" last-modified: Thu, 25 Jul 2024 03:06:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13902551060587900831 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: pghS8gTtgCjBxYgIt0bRFQ== x-oss-server-time: 2 cf-cache-status: HIT age: 25484 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ec7ad16b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	ntk16.hcm660.com/	104.21.96.1	404 Not Found	7.8 kB
URL User Request GET ntk16.hcm660.com/ IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3943) Size 7.8 kB (7814 bytes) Hash 01962cc4ead03af007e034c9217e4493 b8178e6301bcd2e3c1182e220b368ae46eaeeee4 0ce4234717f8d3e21fd18a59602d34a1f2c6449e013117d78175d1ee4d1521f9 HTTP Headers GET / HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 404 Not Found date: Fri, 09 May 2025 01:30:29 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gEg1V02j3wOtDVmyOyEPFI4EIBJVHdcEZnRo7JSb5Vl2x7JgnUvNAggQioUMR9NHPNtUHY2sNNFxMm5GsZJ%2F8Hkcn%2FHkTxcIzrPPHtpjCOkvM932yjiwXTwdsM2gJilWcPG"}],"group":"cf-nel","max_age":604800} vary: Accept-Encoding expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache cf-cache-status: DYNAMIC content-encoding: br cf-ray: 93cd6e8d1983568b-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6801&min_rtt=3468&rtt_var=5736&sent=18&recv=18&lost=0&retrans=0&sent_bytes=4057&recv_bytes=1766&delivery_rate=2641&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=465&x=16"

	o566mch.hcm665.com/siteadmin/layoutDesign/1728075406948155393.png	104.18.24.129	200 OK	2.4 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728075406948155393.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 80 x 70, 8-bit colormap, non-interlaced Size 2.4 kB (2392 bytes) Hash 22cba455d99642e1f4f4c4b6b2f33f21 024598d23b8eb74a9dc7fda5cde12cdc8ef43b1f 69c15e3cdebcfc429ef68858c675afe5e971cbd70ffe6d0ee21bb2a2938f29e2 HTTP Headers `GET /siteadmin/layoutDesign/1728075406948155393.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 2392 x-oss-request-id: 68178B93DE669353D210E5F2 vary: Origin, Accept-Encoding etag: "22CBA455D99642E1F4F4C4B6B2F33F21" last-modified: Fri, 24 Nov 2023 15:37:38 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9329623213453216742 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: IsukVdmWQuH09MS2svM/IQ== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea6bb90b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_dz_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	3.0 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_dz_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 3.0 kB (3019 bytes) Hash e5db367392767675839524cde8e7dcda e97983146524f3279c337c721e31cf56e1b7ca17 ff09067ae6c396daf90119f3cd597fcfd355493d22fc3202af682f1063baa98e HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_dz_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 3019 x-oss-request-id: 681CACED5943070BBE7D19F4 vary: Origin, Accept-Encoding etag: "E5DB367392767675839524CDE8E7DCDA" last-modified: Thu, 06 Mar 2025 03:37:25 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1691347070242699491 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: 5ds2c5J2dnWDlSTN6Ofc2g== x-oss-server-time: 4 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea73bbcb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/common/web/common/comm_icon_jzgd.svg?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	602 B
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/common/web/common/comm_icon_jzgd.svg?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type SVG Scalable Vector Graphics image Size 602 B (602 bytes) Hash 738425e9aecacb59f0fe00de5ce15b11 28a6e082d25dae2bfd467f01608808bcea7c822f 50272b2c641494014e65eb5fd691b8dd0424e8de19ed702e9e2f03332906abf0 HTTP Headers GET /siteadmin/skin/lobby_asset/common/web/common/comm_icon_jzgd.svg?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/svg+xml x-oss-request-id: 681CACEC304E2E95F83A8CAA vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: W/"738425E9AECACB59F0FE00DE5CE15B11" last-modified: Wed, 07 May 2025 10:17:47 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9237853658913805688 x-oss-storage-class: Standard cache-control: public, max-age=691200 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: c4Ql6a7Ky1nw/gDeXOFbEQ== x-oss-server-time: 0 cf-cache-status: HIT age: 25482 expires: Sat, 17 May 2025 01:30:33 GMT priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea93cb1b503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/StyleIndex.CcIU4Plm.js	34.144.193.180	200 OK	66 kB
URL GET w2.4hxn3e.shop/assets/theme-1/StyleIndex.CcIU4Plm.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65029) Size 66 kB (66498 bytes) Hash fa1f3079721abf0d4e28e2b256e77947 6e04364747ff5948bba872b174bc5e5a5bf9bf55 daa80f7ae2bce1b87c384e3c0727f117a206c9b02bfa1175d915ff3e92d8ea92 HTTP Headers `GET /assets/theme-1/StyleIndex.CcIU4Plm.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:34 GMT content-type: text/javascript x-oss-request-id: 681D5ABA4005843537DADCE5 accept-ranges: none etag: W/"FA1F3079721ABF0D4E28E2B256E77947" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1046830548407580356 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: +h8weXIavw1OKOKyVud5Rw== x-oss-server-time: 10 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/SportParlayIndex.9MfHFWtx.css	34.144.193.180	200 OK	2.9 kB
URL GET w2.4hxn3e.shop/assets/theme-1/SportParlayIndex.9MfHFWtx.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (2855) Size 2.9 kB (2856 bytes) Hash 3c46ccf4572c1dc493966bf3c6f04a48 c2bd07745cda5563c37e384c0c416168be1d6493 cea179f3f3bdc925e063ea53dde0eab3db2ad5bda572f105775cce12e0bb9d1c HTTP Headers `GET /assets/theme-1/SportParlayIndex.9MfHFWtx.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF739FE67F33634F1C4CC x-oss-object-type: Normal x-oss-hash-crc64ecma: 2337943916703629795 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: PEbM9FcsHcSTlmvzxvBKSA== x-oss-server-time: 6 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:26:01 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT content-type: text/css vary: Accept-Encoding content-length: 650 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/polyfills.Crp8tAJV.js	34.144.193.180	200 OK	107 kB
URL GET w2.4hxn3e.shop/assets/theme-1/polyfills.Crp8tAJV.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65386), with NEL line terminators Size 107 kB (107353 bytes) Hash cc009964ef29096a9b7b80c259ec4263 e20cffe3f7245e4efc0546ec9d5d90715c4c80d5 cc7616f04806da4154790e05261879e1873132592bf71a37f6495daf87bd4b90 HTTP Headers `GET /assets/theme-1/polyfills.Crp8tAJV.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS x-oss-request-id: 681CF72BC05EDB333794F227 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 10164045849960065516 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: zACZZO8pCWqbe4DCWexCYw== x-oss-server-time: 3 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:47 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT etag: W/"CC009964EF29096A9B7B80C259EC4263" content-type: text/javascript vary: Accept-Encoding content-length: 42209 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	hcm2244.com/hall/api/agent/promote/binding/reportViewV2	104.18.25.129	200 OK	80 B
URL POST hcm2244.com/hall/api/agent/promote/binding/reportViewV2 IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type JSON text data Size 80 B (80 bytes) Hash 58d5b68d255410e0aede922dc38e1c5c 8837f98fed5e88716525930f97d89ec2da47b232 f38ded2faa805a588239834210ab34901a1515bf6ee132cc84fafa168b71f12f HTTP Headers POST /hall/api/agent/promote/binding/reportViewV2 HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: vi Accept-Encoding: gzip, deflate, br Content-Type: application/json x-object-id: {"uid":"","browserLanguage":"en-US","init":{"created":1746754232103,"version":1746700671000}} platformType: 5 devicetype: 3 x-device: 1-1 x-data-mode: plain x-request-id: ed2ecbe9-2ff2-40a2-8612-842c67038786 device: b9acb4d2-198e-453c-b131-4c558c83ca52 currency: VND timestamp: 1746754232 nonce: ed2ecbe9-2ff2-40a2-8612-842c67038786 sign: EScM+ZVYUX6CDWOcxOqNLfUVXcgI/OxAj5HtSNf836WsfnCU573VIc0kArwHAyFq siteCode: 285 language: vi token: b2e3d672-9d88-47a7-81b4-9d7ffc62054f auth: undefined deviceModel: Firefox v134.0 physicalDeviceModel: unknown operatingSystem: Windows deviceBrand: unknown browserType: Firefox v134.0 appSystem: Windows 10 domain: w2.4hxn3e.shop webauthnDomain: w2.4hxn3e.shop clienttimezone: 0 x-custom-referer: https://w2.4hxn3e.shop/ x-version: 6.0.52 browserfingerid: appVersion: v6.0.52 Content-Length: 112 Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: application/json; charset=utf-8 set-cookie: acw_tc=0a0cca9317467542330956742e3fa0a255068dcf6cbfd1ff378f83b48ba660;path=/;HttpOnly;Max-Age=1800 api-cache: false cache-control: no-cache x-env-go-biz-agent-server: 0 x-env-go-biz-gateway: 0 x-server-version: 4.0.0 x-trace-id: 3929fb902d57db4c access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * cf-cache-status: DYNAMIC server: cloudflare cf-ray: 93cd6ea3fadcb51b-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_douji_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.8 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_douji_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.8 kB (1825 bytes) Hash 8044df90bf507d53aecf10f77d73044f 3b7ab847a57f462684087ea44b54bae0fa75120f 1f837b34be944818d6f73625fb4580f4f7cb1e33c9b9f26c435997cdf57877eb HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_douji_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1825 x-oss-request-id: 681CACECB724A511D3CEC8BF vary: Origin, Accept-Encoding etag: "8044DF90BF507D53AECF10F77D73044F" last-modified: Thu, 06 Mar 2025 03:37:14 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10368695116963475275 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: gETfkL9QfVOuzxD3fXMETw== x-oss-server-time: 4 cf-cache-status: HIT age: 1289 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7abfbb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/layoutDesign/1728773780637040642.png	104.18.24.129	200 OK	1.6 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728773780637040642.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 1.6 kB (1591 bytes) Hash aad33212f3b5221e27bd72c7b2872918 bfa7d007a2df422bd1c51d5b048246041f54267d 8cdae652e8d6758da66a8956e2a6e8f981150fd0745dfa6c654cd427448e71fa HTTP Headers `GET /siteadmin/layoutDesign/1728773780637040642.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 1591 x-oss-request-id: 681CACECF53B5C3C9FD5ED40 vary: Origin, Accept-Encoding etag: "AAD33212F3B5221E27BD72C7B2872918" last-modified: Sun, 26 Nov 2023 13:52:43 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 5418250699510221346 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: qtMyEvO1Ih4nvXLHsocpGA== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea80c1ab503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/common/web/home/btn_sc_off_2.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.0 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/common/web/home/btn_sc_off_2.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.0 kB (1036 bytes) Hash f9b6a776dcb8e53a1e22c1c1a7db2b1e 52638a0c4fef4928975943596e67228a2b068de9 12f53b8b3a8f1b20e8e5ed3d3f5edfde34f5859d49d0055950828630f26d2695 HTTP Headers GET /siteadmin/skin/lobby_asset/common/web/home/btn_sc_off_2.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1036 x-oss-request-id: 681CACEDF53B5C3C9FD5EE70 vary: Origin, Accept-Encoding etag: "F9B6A776DCB8E53A1E22C1C1A7DB2B1E" last-modified: Wed, 07 May 2025 10:05:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13757394480033944417 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: +bandty45ToeIsHBp9srHg== x-oss-server-time: 1 cf-cache-status: HIT age: 29819 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa1cfeb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/hall/api/game/hall/listExtLinkV2/currency/VND/language/vi.json	104.18.24.129	200 OK	128 B
URL GET o566mch.hcm665.com/hall/api/game/hall/listExtLinkV2/currency/VND/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with no line terminators Size 128 B (128 bytes) Hash 3402435351c938d68236dfe97332b69b 32efa34c2bd97e4d4a7a1fd09b2e212388349733 50be38549d58718e37afa474ccf2ddbdea1ac65c42897004274a6bf713629aff HTTP Headers GET /hall/api/game/hall/listExtLinkV2/currency/VND/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:35 GMT content-type: application/json x-oss-request-id: 681CACEEDE669353D24C9BEE vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: W/"3402435351C938D68236DFE97332B69B" last-modified: Wed, 07 May 2025 03:31:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 7819780509773916382 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: NAJDU1HJONaCNt/pczK2mw== x-oss-server-time: 1 cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6eb4bafbb503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/siteadmin/ssocdn.txt	3.167.2.113	200 OK	2 B
URL GET cdntoos.hcm2233.com/siteadmin/ssocdn.txt IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash a60852f204ed8028c1c58808b746d115 b0a98216a32426b9e66a4ac1eb6df2e96e1b495c 843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c HTTP Headers `GET /siteadmin/ssocdn.txt HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: text/plain content-length: 2 age: 44692 server: AliyunOSS x-oss-request-id: 681B169D7DAC2CB4E2DEF435 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Thu, 25 Jul 2024 03:06:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13902551060587900831 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: pghS8gTtgCjBxYgIt0bRFQ== x-oss-server-time: 4 date: Thu, 08 May 2025 13:05:46 GMT cache-control: max-age=86400 etag: "A60852F204ED8028C1C58808B746D115" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: hZezzKWfxDkwAFOg4rdHxJQDidCcJlN9Th3g-4VE9Fk2VYV63akEaA==

	ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.4095281815390991:1746753026:QpuTP7BUIyg94tWaGIPX5nCnBh1ckHLClU5UxPyF7rc/93cd6e8d1983568b	104.21.96.1	200 OK	0 B
URL POST ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.4095281815390991:1746753026:QpuTP7BUIyg94tWaGIPX5nCnBh1ckHLClU5UxPyF7rc/93cd6e8d1983568b IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/ Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.4095281815390991:1746753026:QpuTP7BUIyg94tWaGIPX5nCnBh1ckHLClU5UxPyF7rc/93cd6e8d1983568b HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 12085 Origin: https://ntk16.hcm660.com DNT: 1 Connection: keep-alive Referer: https://ntk16.hcm660.com/ Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8; uUrl=w2.4hxn3e.shop Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:29 GMT content-type: text/plain; charset=UTF-8 content-length: 0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DoJx1JU4rkovgWjxStxI3x5R3QUSNltnULMnjfffiHltSUUa2Nf25r6Ex5KneFmc%2BKMRzl6UrcTjCBuVNOlj0Baa5iYxdpbRXAR%2FK4WfV64B3kVS%2Fo6G03DixkDLzvFqtm8w"}],"group":"cf-nel","max_age":604800} set-cookie: cf_clearance=cXNWLPjMcSF.Rd2BKG6pHI.ponv5JG7bN4HKjkt198A-1746754229-1.2.1.1-Yaazjel4DeeO9ka10VwjIdUAacpV.HBvRiKaH0PmQaacjQxqOAIRLdv1jGWOFy43rriQKHX2f8atDmaPMhzlpyOpCjser0nD9pBVuzigeSwkVsjiHFAWfcX3PfdGu7k9y28vQwrsXoBSsTcVVigUYMdL8X_Z_zmgty7T7_QvuAU_jvE6ADoa3LMi8r02L9yW7TSmmhnd7Rk.yMYNerbbgOqoga_QKQE3i8YC03ikFtWfSCeYgP8SWnSN05tI83k3.eRDpy9x646AXrq1GeICuUh4N_G9MFzF0.u4NaBGvX2LWcCPk2bi7mY8pB7_At8RtOY7FWp_jRvrWyZxMSjM9afS2G4Tk21Nc6lfRVWDeNs; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=hcm660.com; Expires=Sat, 09 May 2026 01:30:29 GMT cf-ray: 93cd6e90198d568b-OSL server: cloudflare nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4454&min_rtt=1397&rtt_var=3899&sent=50&recv=38&lost=0&retrans=0&sent_bytes=17957&recv_bytes=16552&delivery_rate=249442&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=880&x=16"

	o566mch.hcm665.com/siteadmin/layoutDesign/1728774290824462337.png	104.18.24.129	200 OK	1.7 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728774290824462337.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 1.7 kB (1728 bytes) Hash 1596f777caeaa626ff6ab488bfab850f 4bc1204493f0544e8b27b56d8fa021baa67e8941 fae6c0dac5882e0220f61592adb6869cb77169bbb979d85badfec1cc98a7c137 HTTP Headers `GET /siteadmin/layoutDesign/1728774290824462337.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 1728 x-oss-request-id: 68178B93690BB9B4A18D8D84 vary: Origin, Accept-Encoding etag: "1596F777CAEAA626FF6AB488BFAB850F" last-modified: Sun, 26 Nov 2023 13:54:45 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 11314776702876108948 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: FZb3d8rqpib/arSIv6uFDw== x-oss-server-time: 12 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea81c2bb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/hall/api/game/hall/listVirtualBonusPoolV2/currency/VND.json	104.18.24.129	200 OK	128 B
URL GET o566mch.hcm665.com/hall/api/game/hall/listVirtualBonusPoolV2/currency/VND.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with no line terminators Size 128 B (128 bytes) Hash a9674c1c7ed47919ea3cc5735753466c fa240f0ded35f2242041d7e676dab994ebcdb786 9a14abbaae2ba6a1cad9b6504b43a28552f4c0e642855317c9dc58d5f00aefce HTTP Headers GET /hall/api/game/hall/listVirtualBonusPoolV2/currency/VND.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:34 GMT content-type: application/json x-oss-request-id: 681CACECB724A511D3CEC8B5 vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: W/"A9674C1C7ED47919EA3CC5735753466C" last-modified: Wed, 07 May 2025 03:31:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6948210594066550863 x-oss-storage-class: Standard cache-control: s-maxage=300,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: qWdMHH7UeRnqPMVzV1NGbA== x-oss-server-time: 2 cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea90c9eb503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/game_pictures/g/CL/315/3/3150049/default.avif	104.18.24.129	200 OK	9.9 kB
URL GET o566mch.hcm665.com/game_pictures/g/CL/315/3/3150049/default.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 9.9 kB (9861 bytes) Hash 64f4ba5918ae1cfd881f636a58c82c8f 953fda202fca9baf4ef751b9a7aab82ab2811ca3 b01b0f494261e0e064990323f83e81d39f27c1a9bd77c3a910017c959e57d2b6 HTTP Headers `GET /game_pictures/g/CL/315/3/3150049/default.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 9861 x-oss-request-id: 68178F22CD3972C8C2396FB3 vary: Origin, Accept-Encoding etag: "64F4BA5918AE1CFD881F636A58C82C8F" last-modified: Wed, 26 Feb 2025 02:15:00 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 5214947714691178319 x-oss-storage-class: Standard cache-control: max-age=1800,stale-while-revalidate=86400,immutable,proxy-revalidate,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: ZPS6WRiuHP2IH2NqWMgsjw== x-oss-server-time: 5 cf-cache-status: HIT age: 574 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa2d02b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	www.hcm2244.com/ipacdn.txt	104.18.24.129	200 OK	2 B
URL GET www.hcm2244.com/ipacdn.txt IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjectwww.hcm2244.com Fingerprint58:BF:E0:92:59:4B:45:E8:87:2F:B6:87:1A:50:FC:AB:EA:E0:CF:21 ValidityTue, 11 Mar 2025 09:30:22 GMT - Mon, 09 Jun 2025 10:30:17 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers `GET /ipacdn.txt HTTP/1.1 Host: www.hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: text/plain content-length: 2 set-cookie: acw_tc=0a0cca9417467542388296285e3f4d5a991f25f57e058d68af141fbd969b68;path=/;HttpOnly;Max-Age=1800 cache-control: s-maxage=315360000,max-age=0,public access-control-allow-origin: * access-control-max-age: 3600 access-control-allow-credentials: true cf-cache-status: BYPASS accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 93cd6ec7e9fa0b49-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdntoos.hcm2233.com/hall/api/active/tasks/newcomer_benefit_reward/default.json	3.167.2.113	200 OK	748 B
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/newcomer_benefit_reward/default.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (748), with no line terminators Size 748 B (748 bytes) Hash 8eb704c1fe8c3a7fa9982c8ceb170b64 0b8faa57a502cc513a9b0d084bfa22bddcc87352 07b0110e614e90de5aa7b84257955e6780266a3c5e5f62a6c5d55bbcd65e06af HTTP Headers GET /hall/api/active/tasks/newcomer_benefit_reward/default.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 748 age: 581 server: AliyunOSS x-oss-request-id: 681D08F240D0029A5C98F5D3 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Thu, 08 May 2025 16:05:34 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9091065259908694717 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: jrcEwf6MOn+pmCyM6xcLZA== x-oss-server-time: 2 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "8EB704C1FE8C3A7FA9982C8CEB170B64" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: 14cYBH0eumyPwymbRW5mydg2vHyHCnBRBGauMZYSJlv0mHbTlMU6iQ==

	cdntoos.hcm2233.com/hall/api/lobby/webapi/forceUpdate/getForceUpdate.json	3.167.2.113	200 OK	492 B
URL GET cdntoos.hcm2233.com/hall/api/lobby/webapi/forceUpdate/getForceUpdate.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (492), with no line terminators Size 492 B (492 bytes) Hash 11b1813437767d74185740535482511e 597af3247be54f2addbca2088fcc82506510de3e b171f25ef87e1f289f4e4c435a3cd4bf7bf37ff1c91c80a0a7a1deb29cbf606f HTTP Headers `GET /hall/api/lobby/webapi/forceUpdate/getForceUpdate.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: application/json content-length: 492 age: 581 server: AliyunOSS x-oss-request-id: 681D040133781B6551968C7F access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 18393910310436726933 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: EbGBNDd2fXQYV0BTVIJRHg== x-oss-server-time: 1 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,public,max-age=0 etag: "11B1813437767D74185740535482511E" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: LbiJO1DOdzvYsuAAEUdIF77GaLNyFUwucCwLwb8Nwljs9ohl4RXp5Q==

	p0gceg-285-ppp.oss-accelerate.aliyuncs.com/cocos/lg/access-restricted-image.png	47.254.187.197	200 OK	41 kB
URL GET p0gceg-285-ppp.oss-accelerate.aliyuncs.com/cocos/lg/access-restricted-image.png IP 47.254.187.197:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://w2.4hxn3e.shop/pages/403/index.html?logId=page-403-log&payloadId=page-403-payload&title=HCM66&t=5822515 Certificate IssuerGlobalSign nv-sa Subject.oss-eu-central-1.aliyuncs.com Fingerprint82:9E:ED:B3:E5:61:6D:0D:52:77:3B:4A:1E:DF:68:54:AE:39:DA:01 ValidityTue, 06 May 2025 02:12:11 GMT - Tue, 03 Feb 2026 06:31:07 GMT File type PNG image data, 720 x 680, 8-bit colormap, non-interlaced Size 41 kB (40803 bytes) Hash d2422848b70f94c8efac4754e43024f2 23a671903f129c5f2cd6bbe71dcfbecea675dce5 b119a708a5bc2a05da0a5f5db4e1c64a7dedb37bc226966fbad4febe70a3d3e2 HTTP Headers `GET /cocos/lg/access-restricted-image.png HTTP/1.1 Host: p0gceg-285-ppp.oss-accelerate.aliyuncs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: AliyunOSS Date: Fri, 09 May 2025 01:30:40 GMT Content-Type: image/png Content-Length: 40803 Connection: keep-alive x-oss-request-id: 681D5AC040D0029A5C0EFEE0 Vary: Origin Accept-Ranges: bytes ETag: "D2422848B70F94C8EFAC4754E43024F2" Last-Modified: Fri, 16 Aug 2024 02:45:11 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 15798498559294082751 x-oss-storage-class: Standard Cache-Control: s-maxage=86400,max-age=1800,public x-oss-ec: 0048-00000110 Content-Disposition: attachment x-oss-force-download: true Content-MD5: 0kIoSLcPlMjvrEdU5DAk8g== x-oss-server-time: 1

	ntk16.hcm660.com/	104.21.96.1	301 Moved Permanently	7.8 kB
URL User Request GET ntk16.hcm660.com/ IP 104.21.96.1:80 ASN #13335 CLOUDFLARENET File type Size 7.8 kB (7814 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8 Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 301 Moved Permanently Date: Fri, 09 May 2025 01:30:29 GMT Content-Type: text/html Content-Length: 167 Connection: keep-alive Cache-Control: max-age=3600 Expires: Fri, 09 May 2025 02:30:29 GMT Location: https://ntk16.hcm660.com/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmCqVvr7Wv2u4%2FY8nDlCL%2FuBu1IGb%2FXi%2BIhbtlDxSluy4QtBKpLNqvtLmN%2BvFVuowz%2FPieQiI6vGx1DmvhB1Uk46bbbfTPidpQOgZXT42m6YodL2CJZQ%2BjnVsEWcrpxc8yQF"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 93cd6e8cb99ab527-OSL alt-svc: h2=":443"; ma=60 server-timing: cfL4;desc="?proto=TCP&rtt=466&min_rtt=466&rtt_var=233&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=473&delivery_rate=0&cwnd=246&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

	w2.4hxn3e.shop/assets/theme-1/FastEntryIndex.BwxKAflk.js	34.144.193.180	200 OK	2.5 kB
URL GET w2.4hxn3e.shop/assets/theme-1/FastEntryIndex.BwxKAflk.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (2423) Size 2.5 kB (2476 bytes) Hash 6db2d1413f92bd2ac3db455843143937 69726c206715f8d4c67b41c220aa233978266996 c61be1fca96ee1be76ed53153b64c4603ab6b8757624f246bf723f41df73e4ad HTTP Headers `GET /assets/theme-1/FastEntryIndex.BwxKAflk.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72C8E4DB93138F49AE9 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 888581393287756988 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: bbLRQT+SvSrD20VYQxQ5Nw== x-oss-server-time: 7 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"6DB2D1413F92BD2AC3DB455843143937" content-type: text/javascript vary: Accept-Encoding content-length: 1244 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_ty_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.5 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_ty_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.5 kB (1525 bytes) Hash 487de5852c1b243c0aaf7c7c0fa80001 2e8dca64156864e28f4276083c366d3622d0c0e0 654c49848cbb245978e7917e4e2c8db2eda2482d3d5992d49e392306cd54ebd6 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_ty_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1525 x-oss-request-id: 681CACECCD3972C8C27ABA2C vary: Origin, Accept-Encoding etag: "487DE5852C1B243C0AAF7C7C0FA80001" last-modified: Thu, 06 Mar 2025 03:37:14 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17626601959399675298 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: SH3lhSwbJDwKr3x8D6gAAQ== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7abfab503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/hall/api/game/hall/hotListV2/currency/VND/language/vi.json	104.18.24.129	200 OK	7.9 kB
URL GET o566mch.hcm665.com/hall/api/game/hall/hotListV2/currency/VND/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (7936), with no line terminators Size 7.9 kB (7936 bytes) Hash 1319ea5ef1a795d948f647c44fc7883c 367b7248ed3566ae03ed32cd8463a29f06fccb35 add1025f4291a3703a44c8682c8990d6d1b2ebf86b12f9b811984192da2f2c7e HTTP Headers GET /hall/api/game/hall/hotListV2/currency/VND/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:34 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681CBE0AB724A511D3FB1611 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Thu, 08 May 2025 14:13:29 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1164182727533537658 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: ExnqXvGnldlI9kfET8eIPA== x-oss-server-time: 2 content-encoding: gzip cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea91ca7b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/game_pictures/p/285/CL/hot/316/3/default_VND.avif	104.18.24.129	200 OK	14 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/CL/hot/316/3/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 14 kB (13511 bytes) Hash e75fe3df1ca505b2fed35cf2bec8db18 27afe431dc28772b3894afa2f612d81661d4bb62 61b00bd20e5bc712d6ab7f050a6f5b33dc69d5bc283b62af256e94b5e7258fee HTTP Headers `GET /game_pictures/p/285/CL/hot/316/3/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 13511 x-oss-request-id: 68178F21EE8E28F62F251761 vary: Origin, Accept-Encoding etag: "E75FE3DF1CA505B2FED35CF2BEC8DB18" last-modified: Fri, 28 Feb 2025 08:01:13 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3475782741911691126 x-oss-storage-class: Standard cache-control: s-maxage=86400,public,max-age=1800 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: 51/j3xylBbL+01zyvsjbGA== x-oss-server-time: 1 cf-cache-status: HIT age: 29819 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa2d08b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/game_pictures/p/285/CL/hot/79/4/default_VND.avif	104.18.24.129	200 OK	6.5 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/CL/hot/79/4/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 6.5 kB (6520 bytes) Hash 341cd54c82d275e733d903ac679035a6 051519f03b12f075e54259c17a79a1910334c414 6dc0a8326d37456dd710ddbacbf4f4ed0139d9ee8422ee417506002f31ea3149 HTTP Headers `GET /game_pictures/p/285/CL/hot/79/4/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 6520 x-oss-request-id: 681CAC42690BB9B4A1D45C0E vary: Origin, Accept-Encoding etag: "341CD54C82D275E733D903AC679035A6" last-modified: Sun, 13 Apr 2025 06:35:54 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8746126986700318710 x-oss-storage-class: Standard cache-control: s-maxage=86400,public,max-age=1800 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: NBzVTILSdecz2QOsZ5A1pg== x-oss-server-time: 3 cf-cache-status: HIT age: 29819 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa2d0bb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/active/tasks/pop_newcomerBenefit/currency/VND/language/vi.json	3.167.2.113	200 OK	640 B
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/pop_newcomerBenefit/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (640), with no line terminators Size 640 B (640 bytes) Hash ae8038b91a05229d3a7fd9a26bf29833 3f77ca0757f9aca6c9450cbc11cee7ecd9d20907 084f58d8decb18248eeb73b4950c7f770fbefe0f6952c3af39f50cea302f468e HTTP Headers GET /hall/api/active/tasks/pop_newcomerBenefit/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 640 age: 574 server: AliyunOSS x-oss-request-id: 681D4F8A7DAC2CB4E290342A access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3799623125393152769 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: roA4uRoFIp06f9mia/KYMw== x-oss-server-time: 3 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "AE8038B91A05229D3A7FD9A26BF29833" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: c89Armktx33iQyYTkfEuaTZ9gZM7qoT4jj2lgOPS_4yE2eqY4gwOjQ==

	w2.4hxn3e.shop/assets/theme-1/StyleIndex.CeAizi4D.js	34.144.193.180	200 OK	74 kB
URL GET w2.4hxn3e.shop/assets/theme-1/StyleIndex.CeAizi4D.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size 74 kB (73483 bytes) Hash 7c511da35ff34453847f4e3676ef5fab f3b3a1f56331a0964e503da841f006b0bce20b51 4233200d957359f8194deb1cfbaa6f7d0102fab1017aa0149f18a27dbe6e07fe HTTP Headers `GET /assets/theme-1/StyleIndex.CeAizi4D.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:44 GMT content-type: text/javascript x-oss-request-id: 681D5AC4637FD23235363ABF accept-ranges: none etag: W/"7C511DA35FF34453847F4E3676EF5FAB" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 11876553345053663596 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: fFEdo1/zRFOEf042du9fqw== x-oss-server-time: 4 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/SearchIndex.B_b7VnDH.js	34.144.193.180	200 OK	216 B
URL GET w2.4hxn3e.shop/assets/theme-1/SearchIndex.B_b7VnDH.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text Size 216 B (216 bytes) Hash 502d7c3b0a73f2bfeb8cd9b372a0a1a7 d06a92f3f7e9877ef323206ef6959d512ea2a9bd 9b7f32b05c0c7e0c3652f2783bb456f093ae226266c1edc9be637cfac80d72b8 HTTP Headers `GET /assets/theme-1/SearchIndex.B_b7VnDH.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/PureListIndex.CkMT4Ie1.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS content-length: 216 x-oss-request-id: 681CF73006F3A437364BFBE9 accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 15842210277615294985 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: UC18Owpz8r/rjNmzcqChpw== x-oss-server-time: 3 via: 1.1 google date: Thu, 08 May 2025 18:25:52 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT etag: "502D7C3B0A73F2BFEB8CD9B372A0A1A7" content-type: text/javascript age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/assets.hash.json?timestamp=1746754236054	104.18.24.129	200 OK	120 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/assets.hash.json?timestamp=1746754236054 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type JSON text data Size 120 kB (120253 bytes) Hash 01fb6278d9fdb806c083f180ad594406 8984a9b3c09150a87a71ce195b22edfae0cf421b ac29cc5a8cf49705535c910ce18d9d34cfca6c2fa7c6a414de78d1432429ae29 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-11/assets.hash.json?timestamp=1746754236054 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:36 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681D5ABC40D0029A5C0EF511 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Wed, 07 May 2025 10:19:21 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 15143805453825981368 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: AftieNn9uAbAg/GArVlEBg== x-oss-server-time: 2 content-encoding: gzip cf-cache-status: MISS priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6eb77cdeb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm2244.com/hall/ipCheck?siteCode=285&currency=VND&language=vi&platformType=5	104.18.25.129	200 OK	0 B
URL OPTIONS hcm2244.com/hall/ipCheck?siteCode=285&currency=VND&language=vi&platformType=5 IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /hall/ipCheck?siteCode=285&currency=VND&language=vi&platformType=5 HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: application/octet-stream content-length: 0 set-cookie: acw_tc=0a094e1f17467542387023492e4209597317ee6ca3bc926f904ee7dc12c70c;path=/;HttpOnly;Max-Age=1800 access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * access-control-allow-headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version cf-cache-status: DYNAMIC priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ec7389bb4f1-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	ntk16.hcm660.com/index2.php	104.21.96.1	404 Not Found	2.4 kB
URL GET ntk16.hcm660.com/index2.php IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/ Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type JavaScript source, ASCII text, with very long lines (946) Size 2.4 kB (2417 bytes) Hash 8e8c275bf702ab3f423c4767e3d85b7b 034f87f98643b70b0647cacc18040c1fd7d725a6 33067ca2d185657a14f472262d38cec2be5753b856897cc10ded62367f29781b HTTP Headers GET /index2.php HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ntk16.hcm660.com/ Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 404 Not Found date: Fri, 09 May 2025 01:30:29 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jErUxtqc%2Bu2Zs%2BZ27vgb1zj1IY%2BJBgJhGjvRjuQ3R88%2FXxjpPC%2BCC0MyfpqU2x8vSlD7gK%2FzU0x9KYEMevFsBMKdhvMb9qk%2FIslxMnJFhJQ9Quol%2F8hQQ8qGIRQds%2BKbldRh"}],"group":"cf-nel","max_age":604800} vary: Accept-Encoding expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: uUrl=w2.4hxn3e.shop; expires=Sun, 08-Jun-2025 01:30:29 GMT; Max-Age=2592000; path=/; domain=hcm660.com cf-cache-status: DYNAMIC content-encoding: br cf-ray: 93cd6e8e6986568b-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=5556&min_rtt=1397&rtt_var=5378&sent=28&recv=23&lost=0&retrans=0&sent_bytes=9284&recv_bytes=2860&delivery_rate=54921&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=639&x=16"

	w2.4hxn3e.shop/libs/monitor/index.js?ver=1.0.1	34.144.193.180	200 OK	2.1 kB
URL GET w2.4hxn3e.shop/libs/monitor/index.js?ver=1.0.1 IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, ASCII text Size 2.1 kB (2143 bytes) Hash d9b6967f11e6052d0648615948ac25e7 fe871b15b6cc0b674e0181846cf06bc86d3cfacd 2632728f1046cea4040886a9f047746fb17385846606fb8a6dbf3558cdab9ad7 HTTP Headers `GET /libs/monitor/index.js?ver=1.0.1 HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS x-oss-request-id: 681CF72BC05EDB38346DF427 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 10701447971700172706 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: 2baWfxHmBS0GSGFZSKwl5w== x-oss-server-time: 3 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:47 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:30:00 GMT etag: W/"D9B6967F11E6052D0648615948AC25E7" content-type: text/javascript vary: Accept-Encoding content-length: 735 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	o566mch.hcm665.com/siteadmin/layoutDesign/1728077270935040001.png	104.18.24.129	200 OK	2.3 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728077270935040001.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 80 x 70, 8-bit colormap, non-interlaced Size 2.3 kB (2346 bytes) Hash a60fd4c9b6097e317fdcc00a963c6e72 319db80ce3e46a74814bac3288b4ef33e6193d99 97561be905b7d0ee3cd90422c635f3c8397c2a33197e76d6ffc46f5aaf705f28 HTTP Headers `GET /siteadmin/layoutDesign/1728077270935040001.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 2346 x-oss-request-id: 681C0E6DB724A511D35A2883 vary: Origin, Accept-Encoding etag: "A60FD4C9B6097E317FDCC00A963C6E72" last-modified: Fri, 24 Nov 2023 15:45:03 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8298407260899052042 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: pg/UybYJfjF/3MAKljxucg== x-oss-server-time: 33 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea72bb9b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1xx.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.3 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1xx.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.3 kB (1330 bytes) Hash 86b6c451f07f497385935dca4efbf1f7 e4c276712cb399312755e23d8593fee027083fc5 04714965c0700fc4b11d76c95122433b2a86a534deffdd71b5e3b0269952f006 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1xx.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1330 x-oss-request-id: 681CACECDA25D3580DCB784E vary: Origin, Accept-Encoding etag: "86B6C451F07F497385935DCA4EFBF1F7" last-modified: Wed, 07 May 2025 10:18:35 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17515970133573215696 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: hrbEUfB/SXOFk13KTvvx9w== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea71bb3b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_zr_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	2.1 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_zr_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 2.1 kB (2113 bytes) Hash 1e9cb491ec27c2412bbeed57c5817fa7 c66f806eb4deecd5cc6e7a65567372181b1bb67d 97fd80d0c69252435cc9bd0eb1934269105c2300dd72d83fe43ce80946921611 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_zr_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 2113 x-oss-request-id: 681CACEC33781B6551D01784 vary: Origin, Accept-Encoding etag: "1E9CB491EC27C2412BBEED57C5817FA7" last-modified: Thu, 06 Mar 2025 03:37:14 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1468228297530659951 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: Hpy0kewnwkErvu1XxYF/pw== x-oss-server-time: 2 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea77be5b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/hall/api/finance/maxChargeRate/currency/VND/osType/4.json	104.18.24.129	200 OK	108 B
URL GET o566mch.hcm665.com/hall/api/finance/maxChargeRate/currency/VND/osType/4.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with no line terminators Size 108 B (108 bytes) Hash 668df463b3e8b8be3dcc0d4a27cd263a ec2be573fff8eb8b3b13b6bcdd9049652ce5a2df 68b13a727636e140b99052f212017ff74dac389165c0ee361fbeb1da4cf6d0bc HTTP Headers GET /hall/api/finance/maxChargeRate/currency/VND/osType/4.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:34 GMT content-type: application/json x-oss-request-id: 681D5AB9304E2E95F87D9EDE vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: W/"668DF463B3E8B8BE3DCC0D4A27CD263A" last-modified: Fri, 09 May 2025 01:07:11 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9553078294997214239 x-oss-storage-class: Standard cache-control: s-maxage=600,max-age=0,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: Zo30Y7PouL49zA1KJ80mOg== x-oss-server-time: 1 cf-cache-status: EXPIRED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea8fc99b503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/hall/api/active/isShowV2/default.json	104.18.24.129	200 OK	812 B
URL GET o566mch.hcm665.com/hall/api/active/isShowV2/default.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (812), with no line terminators Size 812 B (812 bytes) Hash 6293b3c5b21a05ceec974afcb917172c 2fa7db8c3d9437a30c664446d019a4ea627def0c af67a0cf467a4ea8459d8077973815c2729eba9a72aa0a209190abb4b97f1b6b HTTP Headers `GET /hall/api/active/isShowV2/default.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:34 GMT content-type: application/json x-oss-request-id: 681D50E6CD3972C8C2AD4193 vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: W/"6293B3C5B21A05CEEC974AFCB917172C" last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17712703437255710648 x-oss-storage-class: Standard cache-control: s-maxage=600,max-age=0,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: YpOzxbIaBc7sl0r8uRcXLA== x-oss-server-time: 2 cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea8fc96b503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm66gcdn.hcm2211.com/ipacdn.txt	0.0.0.0		0 B
URL GET hcm66gcdn.hcm2211.com/ipacdn.txt IP 0.0.0.0:0 ASN #0 Requested by https://w2.4hxn3e.shop/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /ipacdn.txt HTTP/1.1 Host: hcm66gcdn.hcm2211.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	ntk16.hcm660.com/favicon.ico	104.21.96.1	200 OK	1.2 kB
URL GET ntk16.hcm660.com/favicon.ico IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/ Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Size 1.2 kB (1150 bytes) Hash fb57e287756afe49ecd44b2098a75b68 c312858fc623acedfb07c6809276397048394545 9d85bc53d5f9b3df2b91e4c18d67db99d39f9f25cce55f7e0682168645f95629 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ntk16.hcm660.com/ Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:29 GMT content-type: image/x-icon nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mh6ppZV1T8akZTg9BtrKUSFuVgAIuSlyMppFDPXAY2Ofpa0z%2FNpjyfQevVXOmqC2SY9koXBmeEObPlv9LHNr2W1kOwahEee%2BAvYLq0qexgVAg%2F1FpdcafXhc%2BnDGRCyP7OOW"}],"group":"cf-nel","max_age":604800} last-modified: Thu, 22 Aug 2024 06:09:37 GMT etag: W/"66c6d621-47e" cache-control: max-age=14400 cf-cache-status: MISS content-encoding: br cf-ray: 93cd6e8e9987568b-OSL server: cloudflare vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4718&min_rtt=1397&rtt_var=4495&sent=36&recv=27&lost=0&retrans=0&sent_bytes=15737&recv_bytes=3596&delivery_rate=615426&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=695&x=16"

	w2.4hxn3e.shop/assets/vendors/vendor-.9Fs140A-.css	34.144.193.180	200 OK	5.0 kB
URL GET w2.4hxn3e.shop/assets/vendors/vendor-.9Fs140A-.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (4825) Size 5.0 kB (5009 bytes) Hash 8395a0b3f19348fc7b95730e067db432 7d158911a42cd013eafe911b7cb84d9d8864c604 04dd101d3a1ffe31667e4783be95a4e21a9095446541c2ec5d913c903497aad0 HTTP Headers `GET /assets/vendors/vendor-.9Fs140A-.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS x-oss-request-id: 681CF72BEE8845353172C3FA x-oss-object-type: Normal x-oss-hash-crc64ecma: 7487077606416589971 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: g5Wgs/GTSPx7lXMOBn20Mg== x-oss-server-time: 17 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:25:47 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:30:00 GMT content-type: text/css vary: Accept-Encoding content-length: 1421 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	w2.4hxn3e.shop/assets/vendors/vendor-swiper.CoXUCMPL.css	34.144.193.180	200 OK	25 kB
URL GET w2.4hxn3e.shop/assets/vendors/vendor-swiper.CoXUCMPL.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (24555) Size 25 kB (24556 bytes) Hash 62969e2091dbbfb534454be94155e731 44338e52f955d955a597485f9d7f9d605dd04a9f a604dfa4233199eaa49cce3d38d3828b7961c31d129a8f7116a62f5118b47143 HTTP Headers `GET /assets/vendors/vendor-swiper.CoXUCMPL.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS x-oss-request-id: 681CF72BFE67F33634905FCC x-oss-object-type: Normal x-oss-hash-crc64ecma: 2900298986903795848 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: YpaeIJHbv7U0RUvpQVXnMQ== x-oss-server-time: 20 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:25:47 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:30:00 GMT content-type: text/css vary: Accept-Encoding content-length: 5065 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	w2.4hxn3e.shop/assets/theme-1/index.CAGs0SBn.css	34.144.193.180	200 OK	124 kB
URL GET w2.4hxn3e.shop/assets/theme-1/index.CAGs0SBn.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 124 kB (124124 bytes) Hash 8e5a60332d8729cd973522c3e6fb8b8d 265058c29349581c76f011fe0756782108931e3a d764efce167757c16bfe621b90f3c57081278db9bcf6023a2048ad6a2d6bb273 HTTP Headers `GET /assets/theme-1/index.CAGs0SBn.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:30 GMT content-type: text/css vary: Accept-Encoding x-oss-request-id: 681D5AB63D643B353358C80F last-modified: Fri, 09 May 2025 01:28:08 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8015255292227780393 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: jlpgMy2HKc2XNSLD5vuLjQ== x-oss-server-time: 6 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	w2.4hxn3e.shop/assets/theme-1/vendorChunk.D7TmZIHS.js	34.144.193.180	200 OK	2.5 kB
URL GET w2.4hxn3e.shop/assets/theme-1/vendorChunk.D7TmZIHS.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, ASCII text, with very long lines (2453) Size 2.5 kB (2503 bytes) Hash 385b3d981ec180895499bf90ddf50d6e e5792ad0f1df4971a60ae8d62173d3780ce00a87 cb6bc7e686c808edcebf111fdd042eb43fcd55019b65446925718de269be1709 HTTP Headers `GET /assets/theme-1/vendorChunk.D7TmZIHS.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72CFE67F336348C64CC accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 14357787392347401165 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: OFs9mB7BgIlUmb+Q3fUNbg== x-oss-server-time: 110 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT etag: W/"385B3D981EC180895499BF90DDF50D6E" content-type: text/javascript vary: Accept-Encoding content-length: 1196 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/layoutDesign/1728773758853615617.png	104.18.24.129	200 OK	1.6 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728773758853615617.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 1.6 kB (1591 bytes) Hash aad33212f3b5221e27bd72c7b2872918 bfa7d007a2df422bd1c51d5b048246041f54267d 8cdae652e8d6758da66a8956e2a6e8f981150fd0745dfa6c654cd427448e71fa HTTP Headers `GET /siteadmin/layoutDesign/1728773758853615617.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 1591 x-oss-request-id: 68178B9312A9C8DCE87164F6 vary: Origin, Accept-Encoding etag: "AAD33212F3B5221E27BD72C7B2872918" last-modified: Sun, 26 Nov 2023 13:52:38 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 5418250699510221346 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: qtMyEvO1Ih4nvXLHsocpGA== x-oss-server-time: 19 cf-cache-status: HIT age: 574 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea80c1cb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskWeek/currency/VND/language/vi.json	3.167.2.113	200 OK	1.1 kB
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskWeek/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (1088), with no line terminators Size 1.1 kB (1088 bytes) Hash 67042b179a532f83e8d8d6512b09c299 3d06c6a49eaca0ff9789f21318f068b3d3bef101 dfc03979b78cdd5d9cb051940b8cdd12fc9da73ac8d1c4abeec5149ee858fb0a HTTP Headers GET /hall/api/active/tasks/pop_taskWeek/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json alt-svc: h3=":443"; ma=86400 age: 574 server: AliyunOSS x-oss-request-id: 681D4F8A7DAC2CB4E290342C access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6437387096120924487 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: ZwQrF5pTL4Po2NZRKwnCmQ== x-oss-server-time: 1 content-encoding: gzip date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "67042B179A532F83E8D8D6512B09C299" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: qjJcZtimINYViuWffFeEhYdrJJN5iVqno6nYO0OHRkdBVzdA3SggqQ==

	ntk16.hcm660.com/	104.21.96.1	404 Not Found	7.1 kB
URL User Request GET ntk16.hcm660.com/ IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3943) Size 7.1 kB (7078 bytes) Hash c71edbf105f801dbdb6c500469cc374c eaa9283a04f078295633fc1a3ef5ef4495faadd7 8182018375c97986acbd4c318a4c6bae07d93df81df7031feeb1a58f1115bf31 HTTP Headers GET / HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: uDomain=ntk16.hcm660.com Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 404 Not Found date: Fri, 09 May 2025 01:30:28 GMT content-type: text/html; charset=UTF-8 server: cloudflare nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} vary: Accept-Encoding expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MSi%2BL48IoedndBCzev8zmrk02XtYbQECirkGDfKHSpiwpn1sZHNH%2Ft9AQHjpQiNTKIqpICI6JFItEXbfND3CY3KxKHf%2FAtSoAJMrP4NcdxQgtEu9nCyFsCYWyYGN32i5wNol"}]} cf-cache-status: DYNAMIC content-encoding: br set-cookie: PHPSESSID=f63lron611ajlmie94uo9a92c8; Path=/ cf-ray: 93cd6e8accf15685-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	2.3 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Sequence Size 2.3 kB (2333 bytes) Hash b3e4451cd7b496c753ceda422a05836f afd53da3eb0c2d27135b4d9178f61d5fe1b575bd b4ccc240a99ae6fc4fb8440a65fca3558a66479b18976ed0f04d1bcb5976189f HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 2333 x-oss-request-id: 681CACEC72F06605DEC43F88 vary: Origin, Accept-Encoding etag: "B3E4451CD7B496C753CEDA422A05836F" last-modified: Thu, 06 Mar 2025 03:37:29 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 5692496726147755846 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: s+RFHNe0lsdTztpCKgWDbw== x-oss-server-time: 4 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea6cb95b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskDay/currency/VND/language/vi.json	3.167.2.113	200 OK	960 B
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskDay/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (960), with no line terminators Size 960 B (960 bytes) Hash 6e240c6d77430d2a44a279af8f233821 115d1740e17925dcca037880b5f418b5d8273f70 d3ffe1aeb1db5645f78be0a3f5fc21e6f84fcc17c2a5b9c7cbb7e6df404cf2ec HTTP Headers GET /hall/api/active/tasks/pop_taskDay/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 960 age: 574 server: AliyunOSS x-oss-request-id: 681D4F8A304E2E95F8690326 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10986352239552173031 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: biQMbXdDDSpEonmvjyM4IQ== x-oss-server-time: 1 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "6E240C6D77430D2A44A279AF8F233821" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: Gn-Y6TO_EJrnlTzNglnqST1lMB6B8nmcvBNlyBQgBTKliCo9JfAMhw==

	w2.4hxn3e.shop/assets/locales/vi.Bhn6U9X3.js	34.144.193.180	200 OK	382 kB
URL GET w2.4hxn3e.shop/assets/locales/vi.Bhn6U9X3.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Unicode text, UTF-8 text, with very long lines (54229), with no line terminators Size 382 kB (382062 bytes) Hash 778f3f027b480a5fd4c614c12f8b980b ee2dee8d19525f405f0887ea7293407c85fd6894 f96be4876006166f75a5af97bf2bf0d11dd48e28cc52ff9bfd381ff77c9b75c8 HTTP Headers `GET /assets/locales/vi.Bhn6U9X3.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:32 GMT content-type: text/javascript x-oss-request-id: 681D5AB83D643B353362D70F accept-ranges: none etag: W/"3FCAD95DD34901C93CFF8A77E77C9D0C" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 14229887318299222683 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: P8rZXdNJAck8/4p353ydDA== x-oss-server-time: 9 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/layoutDesign/1728774201106386946.png	104.18.24.129	200 OK	2.2 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728774201106386946.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 2.2 kB (2191 bytes) Hash a3ceaf1257032190f5f0939661822b2b c4382af586c230e15394cd34d670aa4c269e41fb dc774990ed1ea2646bde031a98634dc3c87c75510320873c9d306945de4b7a64 HTTP Headers `GET /siteadmin/layoutDesign/1728774201106386946.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 2191 x-oss-request-id: 68178B937DAC2CB4E21B9691 vary: Origin, Accept-Encoding etag: "A3CEAF1257032190F5F0939661822B2B" last-modified: Sun, 26 Nov 2023 13:54:24 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 12772827520453480773 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: o86vElcDIZD18JOWYYIrKw== x-oss-server-time: 5 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea81c24b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/game_pictures/p/285/CL/hot/1012/4/default_VND.avif	104.18.24.129	200 OK	5.6 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/CL/hot/1012/4/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 5.6 kB (5599 bytes) Hash 6c4c95e6b360fbb712d3c94997984ff1 ba5cfa02d27699b3d87a1f2efbc789f616e5a1d1 a4e9955a9fdb1268a3480f704bf8fb25dea659e928d6f24ea7555eb61cbbcbc8 HTTP Headers `GET /game_pictures/p/285/CL/hot/1012/4/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 5599 x-oss-request-id: 681CAC42EE8E28F62F5FBFEC vary: Origin, Accept-Encoding etag: "6C4C95E6B360FBB712D3C94997984FF1" last-modified: Sun, 13 Apr 2025 06:35:22 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 14460844565367270613 x-oss-storage-class: Standard cache-control: s-maxage=86400,public,max-age=1800 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: bEyV5rNg+7cS08lJl5hP8Q== x-oss-server-time: 5 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa2d00b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/hall/api/lobby/webapi/optimizationV2/site/config/language/vi.json	104.18.24.129	200 OK	18 kB
URL GET o566mch.hcm665.com/hall/api/lobby/webapi/optimizationV2/site/config/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (18456), with no line terminators Size 18 kB (18456 bytes) Hash a08c6422d6c39d92a4d5c240dbd8e4a7 f9c96fe715eae859889f3e17144a39b061c56870 82443df875c8dc5a95d189971ed0c715fdc16fb4e7eeb1e5f9e586399e53df4c HTTP Headers GET /hall/api/lobby/webapi/optimizationV2/site/config/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:36 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681CACEE13F9D4DEBFD1E239 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 11174632044621967598 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: oIxkItbDnZKk1cJA29jkpw== x-oss-server-time: 1 content-encoding: gzip cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6eb4fb15b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm2244.com/hall/api/statistics/domain/pointer	104.18.25.129	200 OK	50 B
URL POST hcm2244.com/hall/api/statistics/domain/pointer IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type JSON text data Size 50 B (50 bytes) Hash faaf39249984863fdcf41111b5d1a731 0304387d8ef88e50055fa24f6179824539bdbee6 59a3b33e22d5b910f251af89df65fe7438a5e0f76a304c864d79ebc5133c1770 HTTP Headers POST /hall/api/statistics/domain/pointer HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: vi Accept-Encoding: gzip, deflate, br Content-Type: application/json x-object-id: {"uid":"","browserLanguage":"en-US","init":{"created":1746754232103,"version":1746700671000}} platformType: 5 devicetype: 3 x-device: 1-1 x-data-mode: plain x-request-id: 13aceced-9ac5-4db7-a786-b03dba035387 device: b9acb4d2-198e-453c-b131-4c558c83ca52 currency: VND timestamp: 1746754236 nonce: 13aceced-9ac5-4db7-a786-b03dba035387 sign: 65l88Qy6zXUvjiRoOlloA96CMJCEdJ+3qz1Af3dGRD0RZloI+YdBOersQHixhrLo siteCode: 285 language: vi token: b2e3d672-9d88-47a7-81b4-9d7ffc62054f auth: undefined deviceModel: Firefox v134.0 physicalDeviceModel: unknown operatingSystem: Windows deviceBrand: unknown browserType: Firefox v134.0 appSystem: Windows 10 domain: w2.4hxn3e.shop webauthnDomain: w2.4hxn3e.shop clienttimezone: 0 x-custom-referer: https://w2.4hxn3e.shop/ x-version: 6.0.52 browserfingerid: appVersion: v6.0.52 Content-Length: 84 Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: application/json; charset=utf-8 set-cookie: acw_tc=0a0cca9217467542384156058e51b56964b605756d6b009ec7a6f12d9b23b7;path=/;HttpOnly;Max-Age=1800 api-cache: false cache-control: no-cache x-env-go-biz-gateway: 0 x-env-go-biz-statistics-server: 0 x-server-version: 4.0.0 x-trace-id: 3a8176ba36bbfc22 access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * cf-cache-status: DYNAMIC priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ec56806b4f1-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm2244.com/ipacdn.txt	104.18.25.129	200 OK	2 B
URL GET hcm2244.com/ipacdn.txt IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers `GET /ipacdn.txt HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:39 GMT content-type: text/plain content-length: 2 set-cookie: acw_tc=0a0cca9517467542389074931e3fb27c463bf152a2d8105b9bf11f68d1f2de;path=/;HttpOnly;Max-Age=1800 cache-control: s-maxage=315360000,max-age=0,public access-control-allow-origin: * access-control-max-age: 3600 access-control-allow-credentials: true cf-cache-status: BYPASS accept-ranges: bytes priority: u=4,i=?0 vary: Accept-Encoding server: cloudflare cf-ray: 93cd6ec788bab4f1-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/active/ActiveImg5982610369756591.avif	3.167.2.113	200 OK	61 kB
URL GET cdntoos.hcm2233.com/active/ActiveImg5982610369756591.avif IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ISO Media, AVIF Image Sequence Size 61 kB (60749 bytes) Hash c2b86e9646346ee07a9b8beac32a7790 ac0c11c320a3beb2b5e10720cd2afefe2928870d d6db28f65dbb64e9b8294fa2aeaf6d603dc7de983b588c83456c6223687cd892 HTTP Headers `GET /active/ActiveImg5982610369756591.avif HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: image/avif content-length: 60749 age: 20940 server: AliyunOSS date: Thu, 08 May 2025 19:41:43 GMT x-oss-request-id: 681D08F7F53B5C3C9FA39E98 accept-ranges: bytes etag: "C2B86E9646346EE07A9B8BEAC32A7790" last-modified: Mon, 02 Dec 2024 16:19:58 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17482064432510967809 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: wrhulkY0buB6m4vqwyp3kA== x-oss-server-time: 14 x-cache: Hit from cloudfront via: 1.1 74cb6ad66f88e47ae011abd64e57e7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 vary: Origin x-amz-cf-id: 0aBywjcWVTF9ByPasGPuvKnnbPrdXB8t7SLe9_A_wDmqpvLb2YPgSA==

	o566mch.hcm665.com/game_pictures/p/285/L1/315/3/default_VND.avif	104.18.24.129	200 OK	9.3 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/L1/315/3/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 9.3 kB (9269 bytes) Hash f0ced521db6f92e5efc7b1bb617909ac 74d58e81ac816fcc48a422b2a32db3095b94dae5 006f1e36f5594c0b168d6c3b1f4e31f22c0bd6e71efa7b8a7fa12de2fa12379f HTTP Headers `GET /game_pictures/p/285/L1/315/3/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 9269 x-oss-request-id: 6817B1AC33781B6551E321E8 vary: Origin, Accept-Encoding etag: "F0CED521DB6F92E5EFC7B1BB617909AC" last-modified: Fri, 28 Feb 2025 07:58:47 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 11141934929196843531 x-oss-storage-class: Standard cache-control: s-maxage=86400,public,max-age=1800 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: 8M7VIdtvkuXvx7G7YXkJrA== x-oss-server-time: 17 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea75bccb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.ePfLAPd2.css	34.144.193.180	200 OK	26 kB
URL GET w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.ePfLAPd2.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (26381) Size 26 kB (26382 bytes) Hash 2d476cafba687f25b8f6b7d261126bd2 a3bb48bf7766b8321ec6b02b2837bebdfaa7145a 91db64f2b677ff9d09afbad38a685defb04f0c0e31537cd89f58784913c4b988 HTTP Headers `GET /assets/theme-1/WithdrawTaskIndex.ePfLAPd2.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:44 GMT content-type: text/css vary: Accept-Encoding x-oss-request-id: 681D5AC4E9CC4C38369FD986 last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17037492058763046542 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: LUdsr7pofyW49rfSYRJr0g== x-oss-server-time: 27 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/RechargeDetailIndex.CRlVdQyy.css	34.144.193.180	200 OK	3.3 kB
URL GET w2.4hxn3e.shop/assets/theme-1/RechargeDetailIndex.CRlVdQyy.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (3260) Size 3.3 kB (3261 bytes) Hash 4e62cc3c1e691ebc806a80b11986c880 572133685091902567fc6e6882ab5cbe42071410 6bc2c47fa45fb58537d80ccb04fe2c3e4b72f6ae69df47e7fd7bb0da4d52f5fa HTTP Headers `GET /assets/theme-1/RechargeDetailIndex.CRlVdQyy.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:44 GMT content-type: text/css vary: Accept-Encoding x-oss-request-id: 681D5AC43D643B3533283F10 last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 4493457219716511810 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: TmLMPB5pHryAaoCxGYbIgA== x-oss-server-time: 6 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/FindUsIndex.DCq0hNMN.css	34.144.193.180	200 OK	2.1 kB
URL GET w2.4hxn3e.shop/assets/theme-1/FindUsIndex.DCq0hNMN.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (2119) Size 2.1 kB (2120 bytes) Hash 25be1f7153203a1d211a60f21b503163 ca908cc32e3c43c7866fc7f12c800583b1600dfa b9e896dd3009da2f780176e62e39f90386b520a0b2c2939fcf1b41e0b2ba6f1c HTTP Headers `GET /assets/theme-1/FindUsIndex.DCq0hNMN.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:46 GMT content-type: text/css vary: Accept-Encoding x-oss-request-id: 681D5AC6637FD232356048BF last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17818050866795936029 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: Jb4fcVMgOh0hGmDyG1AxYw== x-oss-server-time: 6 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/vendors/vendor-swiper.LJkawljk.js	34.144.193.180	200 OK	99 kB
URL GET w2.4hxn3e.shop/assets/vendors/vendor-swiper.LJkawljk.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 99 kB (98645 bytes) Hash 34319c8f5a31c6647163efba6efb67ba c049797323e1250214ca9a21baf05382a6b3c035 387040eae913cb310271ee01fcea9779742840e9cdafd784a3c12882522a9876 HTTP Headers `GET /assets/vendors/vendor-swiper.LJkawljk.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72CEE88453531EEC7FA accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 12948099775933159689 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: NDGcj1oxxmRxY++6bvtnug== x-oss-server-time: 19 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:30:00 GMT etag: W/"34319C8F5A31C6647163EFBA6EFB67BA" content-type: text/javascript vary: Accept-Encoding content-length: 28582 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/vendors/vendor-@sentry.6viaZao7.js	34.144.193.180	200 OK	336 kB
URL GET w2.4hxn3e.shop/assets/vendors/vendor-@sentry.6viaZao7.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 336 kB (336043 bytes) Hash 87fbeb79c5e7a17a5b12566307cfd347 5d96f270dca53747441fc8452b857dd0e510d48a d57cbf2f3d44db5cabac8a14bc6ab6ccfa54ede78ef9ea135f4661c3b77826dd HTTP Headers `GET /assets/vendors/vendor-@sentry.6viaZao7.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72CF1D29D3336E8F3A1 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 8011717243618773825 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: h/vrecXnoXpbElZjB8/TRw== x-oss-server-time: 22 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:30:00 GMT etag: W/"87FBEB79C5E7A17A5B12566307CFD347" content-type: text/javascript vary: Accept-Encoding content-length: 111657 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/api/lobby/h5/config/getAccessRestrictedInfo/language/vi.json	3.167.2.113	200 OK	3.3 kB
URL GET cdntoos.hcm2233.com/hall/api/lobby/h5/config/getAccessRestrictedInfo/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (3288), with no line terminators Size 3.3 kB (3288 bytes) Hash 01b01fb73f8f27085137529dd53e7cd5 fb85abd502229ac8489ea506371c0e8605ea5eb0 b88b33a77c6334e4c3d853eda7e49362077c653bf4752336c443e8b117b7919b HTTP Headers GET /hall/api/lobby/h5/config/getAccessRestrictedInfo/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json alt-svc: h3=":443"; ma=86400 age: 574 server: AliyunOSS x-oss-request-id: 681C18DF1E3C9231C36F44EE access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 12125146019006602170 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: AbAftz+PJwhRN1Kd1T581Q== x-oss-server-time: 7 content-encoding: gzip date: Fri, 09 May 2025 01:21:05 GMT cache-control: s-maxage=600,public,max-age=0 etag: "01B01FB73F8F27085137529DD53E7CD5" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: G99U_Q0copp9PqN0TVmJUbShRGHD513DxRtfu59I_oJMeQBTzD-eIA==

	cdntoos.hcm2233.com/active/ActiveImg37430422109426829.avif	3.167.2.113	200 OK	98 kB
URL GET cdntoos.hcm2233.com/active/ActiveImg37430422109426829.avif IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ISO Media, AVIF Image Sequence Size 98 kB (98475 bytes) Hash 8d853684781d67cb4024baf84e311cd7 ed5da86d04aa868038f40cb9b9d2e1c0b3a739c9 fa07bac910d656a02e1187a7eb9ed7cb80bc9dfeb40cde782ec3e08c151b3806 HTTP Headers `GET /active/ActiveImg37430422109426829.avif HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: image/avif content-length: 98475 age: 25482 server: AliyunOSS date: Thu, 08 May 2025 18:26:01 GMT x-oss-request-id: 681CF739690BB9B4A18761DF accept-ranges: bytes etag: "8D853684781D67CB4024BAF84E311CD7" last-modified: Tue, 03 Dec 2024 14:42:26 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17420804801202428428 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: jYU2hHgdZ8tAJLr4TjEc1w== x-oss-server-time: 33 x-cache: Hit from cloudfront via: 1.1 74cb6ad66f88e47ae011abd64e57e7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 vary: Origin x-amz-cf-id: AS8JlAy1XgQSX_59DcG2NM3rXbw7p1wQgVYO0qmDT8FeS5ElqzNApg==

	w2.4hxn3e.shop/assets/theme-1/WithdrawRecordIndex.zw6QeMRe.css	34.144.193.180	200 OK	1.9 kB
URL GET w2.4hxn3e.shop/assets/theme-1/WithdrawRecordIndex.zw6QeMRe.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (1900) Size 1.9 kB (1901 bytes) Hash 0d5a1ec49f210bb245a17088a9c6a22d 3b791e8730a464765ae88b1ac63f6556b9951177 5b79a092e10e7cf2000921699d5c6682b97757ac36a2b40badee180961555b96 HTTP Headers `GET /assets/theme-1/WithdrawRecordIndex.zw6QeMRe.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:44 GMT content-type: text/css vary: Accept-Encoding x-oss-request-id: 681D5AC4637FD232358936BF last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1529167676947947240 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: DVoexJ8hC7JFoXCIqcaiLQ== x-oss-server-time: 3 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/api/active/quickList/currency/VND/language/vi.json	3.167.2.113	200 OK	1.5 kB
URL GET cdntoos.hcm2233.com/hall/api/active/quickList/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (1472), with no line terminators Size 1.5 kB (1472 bytes) Hash 6fbd8f50d7ab33812221509bd3b25483 8bd19f3d883b3614561a67f1297e1f310ba6ebe7 5008ccbf2e2cb2bec88d4b97795eaeab0f29ddfaa33bd9d825993d78ce9693e1 HTTP Headers GET /hall/api/active/quickList/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json age: 574 access-control-allow-origin: * server: AliyunOSS x-oss-request-id: 681CDA06CC39EAB9AFD91781 last-modified: Thu, 08 May 2025 15:04:51 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1472425651558255270 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: b72PUNerM4EiIVCb07JUgw== x-oss-server-time: 1 content-encoding: gzip date: Fri, 09 May 2025 01:21:09 GMT cache-control: s-maxage=600,max-age=0,public etag: "6FBD8F50D7AB33812221509BD3B25483" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 access-control-expose-headers: * x-amz-cf-id: cc8wKalWb3JJTPX5ZpRxfd9uMuJmCMrV3my4BHrzWvbYU76acASQIA==

	w2.4hxn3e.shop/assets/theme-1/ApplicationIndex.Dme8dPH-.css	34.144.193.180	200 OK	2.6 kB
URL GET w2.4hxn3e.shop/assets/theme-1/ApplicationIndex.Dme8dPH-.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (2561) Size 2.6 kB (2562 bytes) Hash 6812d3623b9cbed0a1cb2366b24cb27d 9c4b4acaf77dab1f1d592b4cfcb76c46b92bb033 69275921c7f5795ea7af9d68cfae6ae80588865de0fe51552fcb91fa7851fc62 HTTP Headers `GET /assets/theme-1/ApplicationIndex.Dme8dPH-.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72E5841FF313463A2C9 x-oss-object-type: Normal x-oss-hash-crc64ecma: 13759975722542989312 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: aBLTYjucvtChyyNmskyyfQ== x-oss-server-time: 11 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:25:50 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT content-type: text/css vary: Accept-Encoding content-length: 713 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/layoutDesign/1728075556858904578.png	104.18.24.129	200 OK	4.3 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728075556858904578.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 80 x 70, 8-bit colormap, non-interlaced Size 4.3 kB (4293 bytes) Hash 9219c305d50c2dca99e31e278cf06083 af3434f604d71e616cec276de96e6e1093ab7bed e5e353a8b9930fced1bfb715f84e2eab6697a2dc8ff01173a62419120b0cd2f4 HTTP Headers `GET /siteadmin/layoutDesign/1728075556858904578.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 4293 x-oss-request-id: 68178B937DAC2CB4E21B95BF vary: Origin, Accept-Encoding etag: "9219C305D50C2DCA99E31E278CF06083" last-modified: Fri, 24 Nov 2023 15:38:14 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 7561906033790911191 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: khnDBdUMLcqZ4x4njPBggw== x-oss-server-time: 3 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea72bb6b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/layoutDesign/1728774109036003329.png	104.18.24.129	200 OK	2.6 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728774109036003329.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 2.6 kB (2578 bytes) Hash 3359bad288765fac5907fc69ecd4750d 8848fd70b929d3b4a4626f8d7854d7aa18cdc38b 6f065c70b2c762ffcbdde389feb514ecfb323172d1f868348e932429debac29f HTTP Headers `GET /siteadmin/layoutDesign/1728774109036003329.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 2578 x-oss-request-id: 681C0E6D048FEF8C7F5813F4 vary: Origin, Accept-Encoding etag: "3359BAD288765FAC5907FC69ECD4750D" last-modified: Sun, 26 Nov 2023 13:54:02 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 18399242154719494049 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: M1m60oh2X6xZB/xp7NR1DQ== x-oss-server-time: 29 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea81c28b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/ListedRewardsIndex.BUxPQ_dU.js	34.144.193.180	200 OK	457 B
URL GET w2.4hxn3e.shop/assets/theme-1/ListedRewardsIndex.BUxPQ_dU.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (400) Size 457 B (457 bytes) Hash 953affb9fcaf511082d079c45d22f214 9664e9b57479d631507c8524c877bb6f51f0f8a2 5dd0317e3cef39611a1ffd9a100a7e4a5bbd0407a7a88cf39a7301bc5ef07ab8 HTTP Headers `GET /assets/theme-1/ListedRewardsIndex.BUxPQ_dU.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/PureListIndex.CkMT4Ie1.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS content-length: 457 x-oss-request-id: 681CF730F1D29D3336AD10A2 accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 17490287709009342177 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: lTr/ufyvURCC0HnEXSLyFA== x-oss-server-time: 3 via: 1.1 google date: Thu, 08 May 2025 18:25:52 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: "953AFFB9FCAF511082D079C45D22F214" content-type: text/javascript age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2255.com/cocos/maintain-time.json?timestamp=1746754232683	13.107.246.53	404 Not Found	400 B
URL GET cdntoos.hcm2255.com/cocos/maintain-time.json?timestamp=1746754232683 IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://w2.4hxn3e.shop/ Certificate IssuerDigiCert, Inc. Subjectcdntoos.hcm2255.com Fingerprint6B:0F:B3:8C:B4:2C:50:0A:C0:2C:DF:00:F4:FE:F8:1A:CE:58:D9:D0 ValidityMon, 17 Feb 2025 00:00:00 GMT - Sun, 17 Aug 2025 23:59:59 GMT File type XML 1.0 document, ASCII text Size 400 B (400 bytes) Hash c893a6fa8af8aaf18af8663481b6803b a6fd95d22425ff3b14e62de132358c42797163bf b59a183d8ae1d4f813c63ecf332d6965f11d70bd2a87f2031e9c81e0cffcf234 HTTP Headers `GET /cocos/maintain-time.json?timestamp=1746754232683 HTTP/1.1 Host: cdntoos.hcm2255.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found date: Fri, 09 May 2025 01:30:36 GMT content-type: application/xml content-length: 400 x-oss-request-id: 681D5ABCDE669353D28F3FEB vary: Origin access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 x-oss-server-time: 1 x-oss-ec: 0026-00000001 x-azure-ref: 20250509T013035Z-16c476b8794dxkdghC1SVGtfpg0000000k80000000005mh5 x-fd-int-roxy-purgeid: 3067 x-cache: TCP_MISS X-Firefox-Spdy: h2`

	hcm2244.com/hall/api/agent/promote/pointer/domain	104.18.25.129	200 OK	50 B
URL POST hcm2244.com/hall/api/agent/promote/pointer/domain IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type JSON text data Size 50 B (50 bytes) Hash faaf39249984863fdcf41111b5d1a731 0304387d8ef88e50055fa24f6179824539bdbee6 59a3b33e22d5b910f251af89df65fe7438a5e0f76a304c864d79ebc5133c1770 HTTP Headers POST /hall/api/agent/promote/pointer/domain HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: vi Accept-Encoding: gzip, deflate, br Content-Type: application/json x-object-id: {"uid":"","browserLanguage":"en-US","init":{"created":1746754232103,"version":1746700671000}} platformType: 5 devicetype: 3 x-device: 1-1 x-data-mode: plain x-request-id: a574d582-adf9-4cdb-b539-213d10ebc11f device: b9acb4d2-198e-453c-b131-4c558c83ca52 currency: VND timestamp: 1746754236 nonce: a574d582-adf9-4cdb-b539-213d10ebc11f sign: F6NxCVZkqOLswAenqqpeVaNDbKSHpaTPWT7JjSn8XGeZarqZOd/zPSmgi0tyWQVU siteCode: 285 language: vi token: b2e3d672-9d88-47a7-81b4-9d7ffc62054f auth: undefined deviceModel: Firefox v134.0 physicalDeviceModel: unknown operatingSystem: Windows deviceBrand: unknown browserType: Firefox v134.0 appSystem: Windows 10 domain: w2.4hxn3e.shop webauthnDomain: w2.4hxn3e.shop clienttimezone: 0 x-custom-referer: https://w2.4hxn3e.shop/ x-version: 6.0.52 browserfingerid: appVersion: v6.0.52 Content-Length: 67 Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: application/json; charset=utf-8 set-cookie: acw_tc=0a094e2417467542383833814e5601580c55d35bc63713e382e9bee6c52f02;path=/;HttpOnly;Max-Age=1800 api-cache: false cache-control: no-cache x-env-go-biz-agent-server: 0 x-env-go-biz-gateway: 0 x-server-version: 4.0.0 x-trace-id: 570b82527e5705dd access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * cf-cache-status: DYNAMIC priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ec53feab4f1-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm66awscdn.hcm2222.com/hall/home/heartbeat	3.167.2.12	200 OK	0 B
URL OPTIONS hcm66awscdn.hcm2222.com/hall/home/heartbeat IP 3.167.2.12:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjecthcm66awscdn.hcm2222.com Fingerprint93:2C:1D:A9:5C:90:25:7D:73:A9:C6:F1:92:C5:52:AD:B8:35:B0:17 ValidityFri, 27 Sep 2024 00:00:00 GMT - Sun, 26 Oct 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /hall/home/heartbeat HTTP/1.1 Host: hcm66awscdn.hcm2222.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/octet-stream content-length: 0 date: Fri, 09 May 2025 01:30:42 GMT access-control-allow-headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version set-cookie: acw_tc=0a094e2617467542429134170e4987c13e6ef2f314e770be368b4176f7b3a0;path=/;HttpOnly;Max-Age=1800 access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * x-cache: Miss from cloudfront via: 1.1 dfa43a17d6715f83d8bb6aa560e80366.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: HycOxP5fSGtJwcafZVgOTUmUcnKnuGHdIHF1zAx0K4QELfYf5lUCSg== X-Firefox-Spdy: h2

	w2.4hxn3e.shop/assets/theme-1/2_TaskDialogsChunk.BkxH8RLv.css	34.144.193.180	200 OK	3.0 kB
URL GET w2.4hxn3e.shop/assets/theme-1/2_TaskDialogsChunk.BkxH8RLv.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (3010) Size 3.0 kB (3011 bytes) Hash afc090e189298f79adf25f584965c5bc 8f0951afea14095e3b6b9e6bc3cc14b97ed3cc44 28da9af81f1e31bc3baca0bf0d3f596805d2e9e01afcb0d5f072cf011cc8ec6f HTTP Headers `GET /assets/theme-1/2_TaskDialogsChunk.BkxH8RLv.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681D4717231938303808C9D1 x-oss-object-type: Normal x-oss-hash-crc64ecma: 15189521923622678850 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: r8CQ4Ykpj3mt8l9YSWXFvA== x-oss-server-time: 17 content-encoding: gzip via: 1.1 google date: Fri, 09 May 2025 00:06:47 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT content-type: text/css vary: Accept-Encoding content-length: 921 age: 5040 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/FindUsIndex.DJcNTMqH.js	34.144.193.180	200 OK	4.5 kB
URL GET w2.4hxn3e.shop/assets/theme-1/FindUsIndex.DJcNTMqH.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (4432) Size 4.5 kB (4482 bytes) Hash e1e2113be68e5d2f8b433e2b33ca302e 7811effd95a045a20de7704a632c5a546aeff4b8 3f3eed1134d199a2f004c4a32e9cb344b6fcba9f9043e28d9ca77aa8e67cb066 HTTP Headers `GET /assets/theme-1/FindUsIndex.DJcNTMqH.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/FindUsIndex.CtR8ZZHo.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:46 GMT content-type: text/javascript x-oss-request-id: 681D5AC6637FD23235F14ABF accept-ranges: none etag: W/"E1E2113BE68E5D2F8B433E2B33CA302E" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6089467917822353329 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: 4eIRO+aOXS+LQz4rM8owLg== x-oss-server-time: 3 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	104.21.96.1	302 Found	8.4 kB
URL GET ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/index2.php Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type Size 8.4 kB (8393 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8; uUrl=w2.4hxn3e.shop Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 302 Found date: Fri, 09 May 2025 01:30:29 GMT content-length: 0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oruimHeUep%2B3WyU711d23yUndV3jbaP9cL45woCVpdNc6B5xQXH5GGSZ7Fi7ACdNIiQyoQivrRM%2B4PTypv74m8TJY7d8csSYqDkQo35iZqRh9Dn9bZuFDVterFwtxtDz%2Bdhm"}],"group":"cf-nel","max_age":604800} location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js? cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public access-control-allow-origin: * cf-ray: 93cd6e8ef98b568b-OSL server: cloudflare vary: Accept-Encoding nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4718&min_rtt=1397&rtt_var=4495&sent=38&recv=27&lost=0&retrans=0&sent_bytes=17001&recv_bytes=3596&delivery_rate=615426&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=695&x=16"

	o566mch.hcm665.com/cocos/maintain-time.json?timestamp=1746754232683	104.18.24.129	404 Not Found	400 B
URL GET o566mch.hcm665.com/cocos/maintain-time.json?timestamp=1746754232683 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type XML 1.0 document, ASCII text Size 400 B (400 bytes) Hash ae8c51f66908b7398c291b3b23a9f94e 2d53a17a86b45f66d0fd0cd21792901c92b8cef3 f3e737730e45d4767262f63ca4eeeb91fca9ba973c51f279cfda77436e39aac3 HTTP Headers `GET /cocos/maintain-time.json?timestamp=1746754232683 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 404 Not Found date: Fri, 09 May 2025 01:30:33 GMT content-type: application/xml x-oss-request-id: 681D5AB9B724A511D312C022 vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 x-oss-server-time: 2 x-oss-ec: 0026-00000001 cf-cache-status: MISS server: cloudflare cf-ray: 93cd6ea2681d712f-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1gd.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.6 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1gd.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.6 kB (1571 bytes) Hash 6f5cb7ab09cc1025a87f620b9e3cc965 f1cd3c14492dae2fb5f6724eb59a4f96be28b98f 5332b11d91c00ee1fa4f29e94b5d689e5c5980827b984a3fbd999e3b5c0780f3 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1gd.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1571 x-oss-request-id: 681CACECDA25D3580DCB78BB vary: Origin, Accept-Encoding etag: "6F5CB7AB09CC1025A87F620B9E3CC965" last-modified: Wed, 07 May 2025 10:18:11 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8353034930746110871 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: b1y3qwnMECWof2ILnjzJZQ== x-oss-server-time: 5 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea72bbbb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/game_pictures/g/CL/200/3/2000074/default.avif	104.18.24.129	200 OK	10 kB
URL GET o566mch.hcm665.com/game_pictures/g/CL/200/3/2000074/default.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 10 kB (10459 bytes) Hash dfd35fa34dcafb187b3a0f87e39ff82a ce21feaf39754481fec37b095e14717dc79723bc f5bb285126b560384118b0b31d42eed55a342f88735c2021a41241e6698e3ed7 HTTP Headers `GET /game_pictures/g/CL/200/3/2000074/default.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 10459 x-oss-request-id: 68178F221E3C9231C399EFF9 vary: Origin, Accept-Encoding etag: "DFD35FA34DCAFB187B3A0F87E39FF82A" last-modified: Wed, 26 Feb 2025 02:14:16 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 16117374488963003041 x-oss-storage-class: Standard cache-control: max-age=1800,stale-while-revalidate=86400,immutable,proxy-revalidate,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: 39Nfo03K+xh7Og+H45/4Kg== x-oss-server-time: 0 cf-cache-status: HIT age: 573 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa2d06b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/cocos/maintain-time.json?timestamp=1746754232683	104.18.24.129	404 Not Found	400 B
URL GET o566mch.hcm665.com/cocos/maintain-time.json?timestamp=1746754232683 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type XML 1.0 document, ASCII text Size 400 B (400 bytes) Hash ae8c51f66908b7398c291b3b23a9f94e 2d53a17a86b45f66d0fd0cd21792901c92b8cef3 f3e737730e45d4767262f63ca4eeeb91fca9ba973c51f279cfda77436e39aac3 HTTP Headers `GET /cocos/maintain-time.json?timestamp=1746754232683 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 404 Not Found date: Fri, 09 May 2025 01:30:36 GMT content-type: application/xml x-oss-request-id: 681D5AB9B724A511D312C022 vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 x-oss-server-time: 2 x-oss-ec: 0026-00000001 cf-cache-status: HIT age: 3 priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ebbdef0b503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/lobby/config/getAppDownloadInfo.json	3.167.2.113	200 OK	1.1 kB
URL GET cdntoos.hcm2233.com/hall/api/lobby/config/getAppDownloadInfo.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (1068), with no line terminators Size 1.1 kB (1068 bytes) Hash fc7de8c87a988a24920eb97154c713aa 921b529062e9ba66c99ee29aa2b92581486e74bc f664c7291aa98777f244506097ee1b220271ccd24fcdc978b918e9760e145e1c HTTP Headers `GET /hall/api/lobby/config/getAppDownloadInfo.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: application/json alt-svc: h3=":443"; ma=86400 age: 581 server: AliyunOSS x-oss-request-id: 681D08F2F53B5C3C9FA39683 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 15634743082186346497 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: /H3oyHqYiiSSDrlxVMcTqg== x-oss-server-time: 1 content-encoding: gzip date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,public,max-age=0 etag: "FC7DE8C87A988A24920EB97154C713AA" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: Oiqgmqk2MbPJch8DPAKCpKzpTwdskd7X9c7lEKXTg5yOUVW8RfNYLQ==

	w2.4hxn3e.shop/assets/theme-1/2_DownloadDialogsChunk.CmXLXoCB.js	34.144.193.180	200 OK	34 kB
URL GET w2.4hxn3e.shop/assets/theme-1/2_DownloadDialogsChunk.CmXLXoCB.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, ASCII text, with very long lines (33573) Size 34 kB (34100 bytes) Hash 88410a92e7757918668dfd1fa4b972b3 1f7c3b6f620a88546a2b22800282da9b0a4ef95b 5bc177dee4a7f6d32b4869e2e63484a8be505a094c26e449671a5058724c66ea HTTP Headers `GET /assets/theme-1/2_DownloadDialogsChunk.CmXLXoCB.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:46 GMT content-type: text/javascript x-oss-request-id: 681D5AC640058435374340E6 accept-ranges: none etag: W/"88410A92E7757918668DFD1FA4B972B3" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10079456024685512011 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: iEEKkud1eRhmjf0fpLlysw== x-oss-server-time: 6 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/vendors/vendor-.BTvCGXRh.js	34.144.193.180	200 OK	304 kB
URL GET w2.4hxn3e.shop/assets/vendors/vendor-.BTvCGXRh.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (29590) Size 304 kB (303876 bytes) Hash 7ba29ea370ca8e9e5618cd8b8519189a ced82b0b4cbe03d125d98f7e360514b6dbd068b4 63fe1d2a9cbcdbd7a45d70a256522d35c5b7b5f5482fb29562383bfbb7d691ae HTTP Headers `GET /assets/vendors/vendor-.BTvCGXRh.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:31 GMT content-type: text/javascript x-oss-request-id: 681D5AB77859E43133B1E3E1 accept-ranges: none etag: W/"7BA29EA370CA8E9E5618CD8B8519189A" last-modified: Fri, 09 May 2025 01:28:11 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6130061548196540833 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: e6Keo3DKjp5WGM2LhRkYmg== x-oss-server-time: 8 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_by_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	2.1 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_by_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 2.1 kB (2053 bytes) Hash 798b36e4d178572233f953ac0528b8ce 7303077407e6cddc5e1eb08c9f39c9b5aeb07eda e7598920cb06042cf8d9696cc6b1f2c4ac57d08246f5334930cd05ff0082476d HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_by_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 2053 x-oss-request-id: 681CACECCC39EAB9AF67C723 vary: Origin, Accept-Encoding etag: "798B36E4D178572233F953AC0528B8CE" last-modified: Thu, 06 Mar 2025 03:37:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8531949581686361262 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: eYs25NF4VyIz+VOsBSi4zg== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea77be6b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/EmbeddedIndex.wm5PQlhD.js	34.144.193.180	200 OK	1.1 kB
URL GET w2.4hxn3e.shop/assets/theme-1/EmbeddedIndex.wm5PQlhD.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (1009) Size 1.1 kB (1061 bytes) Hash f507a5c65b9a5e7c2e904a760fb0832d 49617b273966492e7df1f8461d294b437c5bd3e5 2c958e43cf1635ce5da36033a306b27440c2c65ac40c9cfc2b73986c9023071a HTTP Headers `GET /assets/theme-1/EmbeddedIndex.wm5PQlhD.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/StyleIndex.CcIU4Plm.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF730FE67F33634C683CC accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 6093569570157993259 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: 9QelxluaXnwukEp2D7CDLQ== x-oss-server-time: 4 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:52 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"F507A5C65B9A5E7C2E904A760FB0832D" content-type: text/javascript vary: Accept-Encoding content-length: 528 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/2_DownloadDialogsChunk.Cug2kWCg.css	34.144.193.180	200 OK	31 kB
URL GET w2.4hxn3e.shop/assets/theme-1/2_DownloadDialogsChunk.Cug2kWCg.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (30781) Size 31 kB (30782 bytes) Hash 11a915ea3381207d85d243ebf5e54979 c9d01cbfb076e7d2ed95e40fcc2ea2a4717958ad 817dd6807d9b936026dd2cea27952aa9a328a8f08593c1177eb0dea1a0c2beea HTTP Headers `GET /assets/theme-1/2_DownloadDialogsChunk.Cug2kWCg.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF73B72154E3037FDBF03 x-oss-object-type: Normal x-oss-hash-crc64ecma: 15339934244998552946 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: EakV6jOBIH2F0kPr9eVJeQ== x-oss-server-time: 8 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:26:03 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT content-type: text/css vary: Accept-Encoding content-length: 4514 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/FindUsIndex.CtR8ZZHo.js	34.144.193.180	200 OK	4.5 kB
URL GET w2.4hxn3e.shop/assets/theme-1/FindUsIndex.CtR8ZZHo.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (4456) Size 4.5 kB (4506 bytes) Hash 3afe1b93a0499f0d74b4daf3adf0edf3 92631d48b4ee98a0f0da4c525bbd230ffbf683e7 4388bbc52aec3623e4d1cff19e56eecde70b5ed42848d481aecf9874362c1c85 HTTP Headers `GET /assets/theme-1/FindUsIndex.CtR8ZZHo.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:46 GMT content-type: text/javascript x-oss-request-id: 681D5AC640058435378543E6 accept-ranges: none etag: W/"3AFE1B93A0499F0D74B4DAF3ADF0EDF3" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 16432333460414859283 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: Ov4bk6BJnw10tNrzrfDt8w== x-oss-server-time: 6 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/2_EventDialogsChunk.DQgwOklw.css	34.144.193.180	200 OK	61 kB
URL GET w2.4hxn3e.shop/assets/theme-1/2_EventDialogsChunk.DQgwOklw.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (61216) Size 61 kB (61217 bytes) Hash 364dc2fc5b3a1f3e8ea256a531545beb 480bc67cf7f1243c681f34a575775230ac59f7fc 4796eb173680c66316d51dcffbfd3e84c1487b47fd515b33060472cc21073ecf HTTP Headers `GET /assets/theme-1/2_EventDialogsChunk.DQgwOklw.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF73D08EA323038D01DDD x-oss-object-type: Normal x-oss-hash-crc64ecma: 6880289236074088845 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: Nk3C/Fs6Hz6OolalMVRb6w== x-oss-server-time: 4 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:26:05 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT content-type: text/css vary: Accept-Encoding content-length: 8494 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js?	104.21.96.1	200 OK	8.4 kB
URL GET ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js? IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/index2.php Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type JavaScript source, ASCII text, with very long lines (8393), with no line terminators Size 8.4 kB (8393 bytes) Hash 5b0fd8f8f3ba19c04b38a6a72da4e8d9 1e9d303434df80c6c2cbc13a7b69358febba35d0 87ed946a93fc59fedd76555b3404540dd4184bbe1526cf167f20cbe458ff15fb HTTP Headers GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js? HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8; uUrl=w2.4hxn3e.shop; cf_clearance=cXNWLPjMcSF.Rd2BKG6pHI.ponv5JG7bN4HKjkt198A-1746754229-1.2.1.1-Yaazjel4DeeO9ka10VwjIdUAacpV.HBvRiKaH0PmQaacjQxqOAIRLdv1jGWOFy43rriQKHX2f8atDmaPMhzlpyOpCjser0nD9pBVuzigeSwkVsjiHFAWfcX3PfdGu7k9y28vQwrsXoBSsTcVVigUYMdL8X_Z_zmgty7T7_QvuAU_jvE6ADoa3LMi8r02L9yW7TSmmhnd7Rk.yMYNerbbgOqoga_QKQE3i8YC03ikFtWfSCeYgP8SWnSN05tI83k3.eRDpy9x646AXrq1GeICuUh4N_G9MFzF0.u4NaBGvX2LWcCPk2bi7mY8pB7_At8RtOY7FWp_jRvrWyZxMSjM9afS2G4Tk21Nc6lfRVWDeNs Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:29 GMT content-type: application/javascript; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BaoF%2FFsm9mwk%2BiutyJOzgnVmvSl6EzCnVh%2FtWADpEc8Vm5u4lGA4Ul%2FmFIwOFoaq3brOLvoz9pvPHyYJ%2BtyJC%2BB7XqaODJ23N0O8s%2BN3Gi2t2Vq5PjZ%2FjNorcEgQQvhO6Z0q"}],"group":"cf-nel","max_age":604800} cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public x-content-type-options: nosniff content-encoding: br cf-ray: 93cd6e90498e568b-OSL server: cloudflare vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=4076&min_rtt=1397&rtt_var=3680&sent=52&recv=40&lost=0&retrans=0&sent_bytes=18984&recv_bytes=17277&delivery_rate=30321&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=907&x=16"

	o566mch.hcm665.com/hall/api/lobby/aboutUs/index/getInfo/language/vi.json	104.18.24.129	200 OK	128 B
URL GET o566mch.hcm665.com/hall/api/lobby/aboutUs/index/getInfo/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with no line terminators Size 128 B (128 bytes) Hash 9dc38564e7b4d59259f17bcb8a7ead69 6241208b3854901a44e5160be1a9dc1d5b01d2d3 6e7fb412221ae5e55727259359c2da9446c2c3521840246262be3816772c46bd HTTP Headers `GET /hall/api/lobby/aboutUs/index/getInfo/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:34 GMT content-type: application/json x-oss-request-id: 681CACECCC39EAB9AF67C6AA vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: W/"9DC38564E7B4D59259F17BCB8A7EAD69" last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8265546405741342027 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: ncOFZOe01ZJZ8XvLin6taQ== x-oss-server-time: 1 cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea96cc3b503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/ApplicationIndex.Cp10XnQG.js	34.144.193.180	200 OK	1.5 kB
URL GET w2.4hxn3e.shop/assets/theme-1/ApplicationIndex.Cp10XnQG.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (1441) Size 1.5 kB (1496 bytes) Hash ce68efcbf40902801a9b4a628d648a46 f310ce4d129705a48ef098e85a3894bee339dcc5 68162f6acfc0f70e131b6362c303c08242c2676319aff058559a32c8f4fcccb6 HTTP Headers `GET /assets/theme-1/ApplicationIndex.Cp10XnQG.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/StyleIndex.CcIU4Plm.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF73008EA3230382DC6DC accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 18385806865482022850 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: zmjvy/QJAoAam0pijWSKRg== x-oss-server-time: 4 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:52 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"CE68EFCBF40902801A9B4A628D648A46" content-type: text/javascript vary: Accept-Encoding content-length: 749 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/hall/api/backstage/system/status/currency/VND/language/vi/osType/4/platformType/5.json	104.18.24.129	200 OK	19 kB
URL GET o566mch.hcm665.com/hall/api/backstage/system/status/currency/VND/language/vi/osType/4/platformType/5.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (18648), with no line terminators Size 19 kB (18648 bytes) Hash 522da98342e3ef299793410f1f07e41b 315c5ce249e11aad10de217259f1016fbb1cb907 bb61edc15baba38117e701027545b4f46da54d0d33c1181e558315a1e87fdb13 HTTP Headers GET /hall/api/backstage/system/status/currency/VND/language/vi/osType/4/platformType/5.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:35 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681D50E71E3C9231C3FDA72E access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:23:21 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 18091914636473273918 x-oss-storage-class: Standard cache-control: s-maxage=600,max-age=0,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: Ui2pg0Lj7ymXk0EPHwfkGw== x-oss-server-time: 1 content-encoding: gzip cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6eb4cb0bb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskThreeDay/currency/VND/language/vi.json	3.167.2.113	200 OK	216 B
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskThreeDay/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 216 B (216 bytes) Hash 3fb10e4035400bbbd78225a511c4d1db 71757e2815ff352b676825463e19911f36248cae 4f60c3b842f18f480fa877c24cbea815cf16a978ca4d558f85694f358fdacae3 HTTP Headers GET /hall/api/active/tasks/pop_taskThreeDay/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 216 age: 574 server: AliyunOSS x-oss-request-id: 681D4F8A40D0029A5CFA151F access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9197287135474774808 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: P7EOQDVAC7vXgiWlEcTR2w== x-oss-server-time: 2 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "3FB10E4035400BBBD78225A511C4D1DB" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: mBT3hvfhEMfRQfqUPQV2y886te1eCAKy0gO55WQAco6CbJyTpmJrLQ==

	hcm66awscdn.hcm2222.com/ipacdn.txt	3.167.2.12	200 OK	2 B
URL GET hcm66awscdn.hcm2222.com/ipacdn.txt IP 3.167.2.12:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjecthcm66awscdn.hcm2222.com Fingerprint93:2C:1D:A9:5C:90:25:7D:73:A9:C6:F1:92:C5:52:AD:B8:35:B0:17 ValidityFri, 27 Sep 2024 00:00:00 GMT - Sun, 26 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers `GET /ipacdn.txt HTTP/1.1 Host: hcm66awscdn.hcm2222.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/plain content-length: 2 date: Tue, 18 Mar 2025 12:21:49 GMT set-cookie: acw_tc=f06326e03314064fe783ee1bfa253b116fc37b04899864d32e7f64cd5b0ab262;path=/;HttpOnly;Max-Age=1800 cache-control: s-maxage=315360000,max-age=0,public access-control-allow-origin: * access-control-max-age: 3600 access-control-allow-credentials: true x-cache: Hit from cloudfront via: 1.1 dfa43a17d6715f83d8bb6aa560e80366.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: gex5k6LPDKd91XGjb-q9gb7ySOqr4DPWm8aJ1Q7emtAnDQRvl-XTFA== age: 4453729 X-Firefox-Spdy: h2

	w2.4hxn3e.shop/assets/theme-1/StyleIndex.Kboey3na.css	34.144.193.180	200 OK	51 kB
URL GET w2.4hxn3e.shop/assets/theme-1/StyleIndex.Kboey3na.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (50666) Size 51 kB (50667 bytes) Hash 0fa6094258fcd8f11a5c23f29a052a59 d1fb7a38451a376a6ed6220a2ba21860ab9df85a 802e0f74bd709a691651c97453f6b7419c426de543d7791f3ff88f33f98463b4 HTTP Headers `GET /assets/theme-1/StyleIndex.Kboey3na.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF73A72154E303753B603 x-oss-object-type: Normal x-oss-hash-crc64ecma: 10378383322616081151 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: D6YJQlj82PEaXCPymgUqWQ== x-oss-server-time: 8 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:26:02 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT content-type: text/css vary: Accept-Encoding content-length: 7708 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/BlindBoxIndex.wtYR0s-Q.js	34.144.193.180	200 OK	3.0 kB
URL GET w2.4hxn3e.shop/assets/theme-1/BlindBoxIndex.wtYR0s-Q.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (2906) Size 3.0 kB (2958 bytes) Hash 8cc82b9659eccadedf7ad5d572836c1e 23d2b2ddff737de33880a1b817e37b11fb0a44c9 8af620af9fd92f05ada1219b635117ba9896c42e4f12c27a4738ac823b71cea7 HTTP Headers `GET /assets/theme-1/BlindBoxIndex.wtYR0s-Q.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72C06F3A43736F5DCE9 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 6582616670634681076 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: jMgrllnsyt7fetXVcoNsHg== x-oss-server-time: 5 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"8CC82B9659ECCADEDF7AD5D572836C1E" content-type: text/javascript vary: Accept-Encoding content-length: 1150 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/cocos/config_data.json?timestamp=1746754232448	104.18.24.129	200 OK	3.4 kB
URL GET o566mch.hcm665.com/cocos/config_data.json?timestamp=1746754232448 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (3352), with no line terminators Size 3.4 kB (3352 bytes) Hash 26f6f4135cc87824f5962673067222f9 cf84b44410a9b7d2648fd61afb17fae70adc56d4 d90c73405fd6491a8083c178eea466369e163af5587f7118fca7f4e6dc1672d5 HTTP Headers `GET /cocos/config_data.json?timestamp=1746754232448 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681D5AB840D0029A5C0EEDA3 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Mon, 05 May 2025 14:27:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 14235860617735471313 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: Jvb0E1zIeCT1liZzBnIi+Q== x-oss-server-time: 1 content-encoding: gzip cf-cache-status: MISS server: cloudflare cf-ray: 93cd6ea1cfec712f-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	hcm2244.com/hall/api/agent/promote/binding/reportViewV2	104.18.25.129	200 OK	0 B
URL OPTIONS hcm2244.com/hall/api/agent/promote/binding/reportViewV2 IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /hall/api/agent/promote/binding/reportViewV2 HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,content-type,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Fri, 09 May 2025 01:30:32 GMT content-type: application/octet-stream content-length: 0 set-cookie: acw_tc=0a0f6b6f17467542328475320e430d8986be05eacab89adea0d252f9d639d6;path=/;HttpOnly;Max-Age=1800 access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * access-control-allow-headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,content-type,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version cf-cache-status: DYNAMIC server: cloudflare cf-ray: 93cd6ea239fbb51b-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	w2.4hxn3e.shop/assets/theme-1/PureListIndex.BiSFp9v_.css	34.144.193.180	200 OK	50 kB
URL GET w2.4hxn3e.shop/assets/theme-1/PureListIndex.BiSFp9v_.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (49914) Size 50 kB (49915 bytes) Hash 0208125de45c4d9a1fdd958f533b6e3d 88623794f6f630ab1cddb5f90a6d3341e92920f5 6d6fc95c6d6a71c8cb01bb7c06774b454aa8df55a6a392dfdebec7d4fb802b6c HTTP Headers `GET /assets/theme-1/PureListIndex.BiSFp9v_.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681D470975EC463235970F7A x-oss-object-type: Normal x-oss-hash-crc64ecma: 17425907806017459474 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: AggSXeRcTZof3ZWPUztuPQ== x-oss-server-time: 7 content-encoding: gzip via: 1.1 google date: Fri, 09 May 2025 00:06:33 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT content-type: text/css vary: Accept-Encoding content-length: 8246 age: 5040 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/hall/api/game/hall/listPlatformCateLoadV2/currency/VND/language/vi.json	104.18.24.129	200 OK	24 kB
URL GET o566mch.hcm665.com/hall/api/game/hall/listPlatformCateLoadV2/currency/VND/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (23896), with no line terminators Size 24 kB (23896 bytes) Hash f1261ee6b0f1154c12dc7d84419fbca3 1a58fa463e162ac589af639b802f3a8dc1da75e7 1ef893764020b52aadcc028f1a0c64dec8fee97fb5fdd8a6370374216eb3e820 HTTP Headers GET /hall/api/game/hall/listPlatformCateLoadV2/currency/VND/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:35 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681CBE0ADE669353D2785173 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Thu, 08 May 2025 13:43:30 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 5526917798455362680 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: 8SYe5rDxFUwS3H2EQZ+8ow== x-oss-server-time: 1 content-encoding: gzip cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6eb4aaf3b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	p0gceg-285-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1746754232683	47.254.187.197	404 Not Found	400 B
URL GET p0gceg-285-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1746754232683 IP 47.254.187.197:443 ASN #45102 Alibaba US Technology Co., Ltd. Requested by https://w2.4hxn3e.shop/ Certificate IssuerGlobalSign nv-sa Subject.oss-eu-central-1.aliyuncs.com Fingerprint82:9E:ED:B3:E5:61:6D:0D:52:77:3B:4A:1E:DF:68:54:AE:39:DA:01 ValidityTue, 06 May 2025 02:12:11 GMT - Tue, 03 Feb 2026 06:31:07 GMT File type XML 1.0 document, ASCII text Size 400 B (400 bytes) Hash 257f0b8dbea1f690ea5435aa7ff0de25 c0225bebfbbd5dcb5492c074bc93b0f68cb83569 1c46172aa8fb6d4279a50def916ae05eae26ecf79e7ee2556b4311c087b767f3 HTTP Headers GET /cocos/maintain-time.json?timestamp=1746754232683 HTTP/1.1 Host: p0gceg-285-ppp.oss-accelerate.aliyuncs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 404 Not Found Server: AliyunOSS Date: Fri, 09 May 2025 01:30:37 GMT Content-Type: application/xml Content-Length: 400 Connection: keep-alive x-oss-request-id: 681D5ABD40D0029A5C0EF845 Vary: Origin Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, HEAD, PUT Access-Control-Expose-Headers: Etag Access-Control-Max-Age: 200 x-oss-server-time: 2 x-oss-ec: 0026-00000001`

	hcm66awscdn.hcm2233.com/ipacdn.txt	3.167.2.74	200 OK	2 B
URL GET hcm66awscdn.hcm2233.com/ipacdn.txt IP 3.167.2.74:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjecthcm66awscdn.hcm2233.com FingerprintF9:45:21:C4:0F:8A:18:89:F1:CD:59:3A:C8:89:0C:08:B7:E2:FB:57 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers `GET /ipacdn.txt HTTP/1.1 Host: hcm66awscdn.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/plain content-length: 2 date: Thu, 17 Apr 2025 18:29:30 GMT set-cookie: acw_tc=0a0cca8417449145700647243e4dd35f2ed8fd04d804cdf9785be45cdc678b;path=/;HttpOnly;Max-Age=1800 cache-control: s-maxage=315360000,max-age=0,public access-control-allow-origin: * access-control-max-age: 3600 access-control-allow-credentials: true x-cache: Hit from cloudfront via: 1.1 74cb6ad66f88e47ae011abd64e57e7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: XIHoJxDIRfzWLCXlWnpliEzIN4vOHWWwuYiz29lyeYU8soe04ONNPQ== age: 1839668 X-Firefox-Spdy: h2

	hcm2244.com/hall/api/statistics/domain/pointer	104.18.25.129	200 OK	0 B
URL OPTIONS hcm2244.com/hall/api/statistics/domain/pointer IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /hall/api/statistics/domain/pointer HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,content-type,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: application/octet-stream content-length: 0 set-cookie: acw_tc=0a0f6b7017467542382007934e3fb9ecc8becb271a9218b9f325a1a15ad41a;path=/;HttpOnly;Max-Age=1800 access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * access-control-allow-headers: appsystem,appversion,auth,browserfingerid,browsertype,clienttimezone,content-type,currency,device,devicebrand,devicemodel,devicetype,domain,language,nonce,operatingsystem,physicaldevicemodel,platformtype,sign,sitecode,timestamp,token,webauthndomain,x-custom-referer,x-data-mode,x-device,x-object-id,x-request-id,x-version cf-cache-status: DYNAMIC priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ec41f91b4f1-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/LoginVerifyIndex.NLfcfJ2R.css	34.144.193.180	200 OK	249 B
URL GET w2.4hxn3e.shop/assets/theme-1/LoginVerifyIndex.NLfcfJ2R.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text Size 249 B (249 bytes) Hash e748b5026b607958a6073393f8468f18 62069e34914fd590ccff269f30fb4ff60694f8b7 ae71306f2eaccc9d717d235e887252a7ee6121edc6b9e5e97943e49248103d3c HTTP Headers `GET /assets/theme-1/LoginVerifyIndex.NLfcfJ2R.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS content-length: 249 x-oss-request-id: 681CF739F1D29D3336B549A2 accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 4038119887251658590 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: 50i1AmtgeVimBzOT+EaPGA== x-oss-server-time: 3 via: 1.1 google date: Thu, 08 May 2025 18:26:01 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT etag: "E748B5026B607958A6073393F8468F18" content-type: text/css age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/active/category/currency/VND/language/vi.json	3.167.2.113	200 OK	34 kB
URL GET cdntoos.hcm2233.com/hall/active/category/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (34368), with no line terminators Size 34 kB (34368 bytes) Hash 3e85808fa54ee47f45322a86e9baeef4 0cc170d4c0f6b3bff8d3bbfa206fdc6133455a4d b0ef47f77c9d58e28db5eadacb03702a5e456b4d384548eacd0e39c8d346b142 HTTP Headers `GET /hall/active/category/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: application/json alt-svc: h3=":443"; ma=86400 age: 575 server: AliyunOSS x-oss-request-id: 681D4F9140D0029A5CFA22B8 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:19:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 7516116957528660051 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: PoWAj6VO5H9FMiqG6bru9A== x-oss-server-time: 3 content-encoding: gzip date: Fri, 09 May 2025 01:21:11 GMT etag: "3E85808FA54EE47F45322A86E9BAEEF4" cache-control: s-maxage=600,max-age=0,public vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: KrY8Jbf8ZcoG7Vk2xiROVFTGWMeVr-XC3y-e44Zv7q6QVsgTnfMktQ==

	cdntoos.hcm2233.com/hall/api/active/pop_chop_one_knife/currency/VND/language/vi.json	3.167.2.113	200 OK	88 B
URL GET cdntoos.hcm2233.com/hall/api/active/pop_chop_one_knife/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 88 B (88 bytes) Hash be4db4b07193de2f8cb3a45b7b59d81a 896df11b9cabaca3155d0c766114561a7b3ab9d0 541f72ee02a85d7eb6eaae020dfa2884228016f81ed259fcf8173bcc61425a0c HTTP Headers GET /hall/api/active/pop_chop_one_knife/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 88 access-control-allow-origin: * server: AliyunOSS x-oss-request-id: 681CDA0ACD3972C8C2EC8599 accept-ranges: bytes last-modified: Thu, 08 May 2025 16:05:02 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8231254597430384151 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: vk20sHGT3i+Ms6Rbe1nYGg== x-oss-server-time: 2 date: Fri, 09 May 2025 01:21:12 GMT cache-control: s-maxage=600,max-age=0,public etag: "BE4DB4B07193DE2F8CB3A45B7B59D81A" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 access-control-expose-headers: * age: 575 x-amz-cf-id: 7qMlyMz2FoZczEeHbysmp15QKwg92umfkSEfH6k0wfirtH10xkCpxA==

	w2.4hxn3e.shop/	34.144.193.180	200 OK	85 kB
URL GET w2.4hxn3e.shop/ IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://ntk16.hcm660.com/index2.php Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (64057), with no line terminators Size 85 kB (85313 bytes) Hash e981dd2a19f8a1649969a1bf72405316 cf4e083f0f7b61049dfa10e5dd2d14d49a253a36 b09352352d7b9c40ac45363fad90cdfdfb58151b1cf7ccc3285230e2ce02da87 HTTP Headers `GET / HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ntk16.hcm660.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:30 GMT content-type: text/html vary: Accept-Encoding x-oss-request-id: 681D5AB64005843537EBB9E5 last-modified: Fri, 09 May 2025 01:30:16 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10613870333386954612 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 content-md5: 6YHdKhn4oWSZaaG/ckBTFg== x-oss-server-time: 9 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	o566mch.hcm665.com/siteadmin/upload/img/1870484617921208322.avif	104.18.24.129	200 OK	75 kB
URL GET o566mch.hcm665.com/siteadmin/upload/img/1870484617921208322.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 75 kB (75251 bytes) Hash 851ef2f27da9785c0abe7dfb21d71bac 13864171935c56a5934498abfaee7c748a904a82 774fe3c3f83cea8c1e0c93b93088ba50707c91246078c465509ecc00ed3a5758 HTTP Headers `GET /siteadmin/upload/img/1870484617921208322.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 75251 x-oss-request-id: 68178F22CC39EAB9AF34BE03 vary: Origin, Accept-Encoding etag: "851EF2F27DA9785C0ABE7DFB21D71BAC" last-modified: Sat, 21 Dec 2024 15:01:05 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 12474635246944264766 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: hR7y8n2peFwKvn37IdcbrA== x-oss-server-time: 4 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea8fc95b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1xx_wd.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.2 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1xx_wd.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.2 kB (1235 bytes) Hash adbb21d29e8ab05d1faa4e9746805a95 7cf63d5be591a934d861a5a8bb3fc7c14e243507 19c600b7292395b10199f27eb249fe029ca2f5d675ea9f3fa2a766f7f74d8d8d HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-11/common/_sprite/icon_dt_1xx_wd.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:35 GMT content-type: image/avif content-length: 1235 x-oss-request-id: 681CACEE7DAC2CB4E261192E vary: Origin, Accept-Encoding etag: "ADBB21D29E8AB05D1FAA4E9746805A95" last-modified: Wed, 07 May 2025 10:17:21 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 11597177543994830412 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: rbsh0p6KsF0fqk6XRoBalQ== x-oss-server-time: 5 cf-cache-status: HIT age: 29819 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eb66c1bb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/pages/403/index.html?logId=page-403-log&payloadId=page-403-payload&title=HCM66&t=5822515	34.144.193.180	200 OK	85 kB
URL GET w2.4hxn3e.shop/pages/403/index.html?logId=page-403-log&payloadId=page-403-payload&title=HCM66&t=5822515 IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (64480) Size 85 kB (84757 bytes) Hash 4ec1f8f9d87155823a48241604f5c6d3 e063f8f9aeef088ecee57cfd4e38281cb97475f1 bc29bc273251b932c7f9a06904ec29b7e08ffe55f4dca96e08f6bd61bbe152ad HTTP Headers GET /pages/403/index.html?logId=page-403-log&payloadId=page-403-payload&title=HCM66&t=5822515 HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:40 GMT content-type: text/html vary: Accept-Encoding x-oss-request-id: 681D5AC0E9CC4C38361DB486 last-modified: Fri, 09 May 2025 01:28:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1792263190337624467 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: no-cache content-md5: 7DcWZIg5SKQozVC5+29tWw== x-oss-server-time: 7 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/LoginVerifyIndex.CEOidabG.js	34.144.193.180	200 OK	435 B
URL GET w2.4hxn3e.shop/assets/theme-1/LoginVerifyIndex.CEOidabG.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (380) Size 435 B (435 bytes) Hash 09da04383707f0434f48c443dc1b4b7b e07e4da9f07bd65610f4ce7cf50f162eb9b9599d 085d9c96aa94839a588d55e536dd322246c7cb77191acb519b9d602589ebd2fe HTTP Headers `GET /assets/theme-1/LoginVerifyIndex.CEOidabG.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS content-length: 435 x-oss-request-id: 681CF739FE67F33634A8C2CC accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 10584735629244111803 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: CdoEODcH8ENPSMRD3BtLew== x-oss-server-time: 3 via: 1.1 google date: Thu, 08 May 2025 18:26:01 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: "09DA04383707F0434F48C443DC1B4B7B" content-type: text/javascript age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/api/active/active_popRecharge/currency/VND/language/vi.json	3.167.2.113	200 OK	88 B
URL GET cdntoos.hcm2233.com/hall/api/active/active_popRecharge/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 88 B (88 bytes) Hash cfb4bf2a55b72d2017b73f1c70748b0a 10d51eb2630050ee5850cb6c41dc00052809aefa a5341d702efd210baf1519d476bca985313d2ebec7b764e2cef53de55caf6640 HTTP Headers GET /hall/api/active/active_popRecharge/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 88 access-control-allow-origin: * server: AliyunOSS x-oss-request-id: 681CDA0BDE669353D2BDD011 accept-ranges: bytes last-modified: Sun, 04 May 2025 22:36:10 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8030323034106399845 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: z7S/KlW3LSAXtz8ccHSLCg== x-oss-server-time: 1 date: Fri, 09 May 2025 01:21:13 GMT cache-control: s-maxage=600,max-age=0,public etag: "CFB4BF2A55B72D2017B73F1C70748B0A" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 access-control-expose-headers: * age: 574 x-amz-cf-id: FxsIjYGQvDvQArBxy8fzSsKhaVSdUVeLh4lP21WwlJFV4ZW3sQB05w==

	o566mch.hcm665.com/game_pictures/g/CL/56/1/560006/default.avif	104.18.24.129	200 OK	14 kB
URL GET o566mch.hcm665.com/game_pictures/g/CL/56/1/560006/default.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 14 kB (14038 bytes) Hash 516b9eb2b7c7492fd9f0b4c57135062c 5f799803a8e785238cbb82e798eb8a4c6be9480d 27c684039452b55c5f28db33e637786fe028df0c9f16e4cefca63fe1e1d6c0e6 HTTP Headers `GET /game_pictures/g/CL/56/1/560006/default.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: binary/octet-stream content-length: 14038 x-oss-request-id: 68178F227DAC2CB4E2246BBF vary: Origin, Accept-Encoding etag: "516B9EB2B7C7492FD9F0B4C57135062C" last-modified: Wed, 26 Feb 2025 02:15:35 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10059140012361436889 x-oss-storage-class: Standard cache-control: max-age=1800,stale-while-revalidate=86400,immutable,proxy-revalidate,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: UWuesrfHSS/Z8LTFcTUGLA== x-oss-server-time: 2 cf-cache-status: HIT age: 574 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa5d21b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm66cfcdn.hcm2200.com/ipacdn.txt	104.18.24.129	200 OK	2 B
URL GET hcm66cfcdn.hcm2200.com/ipacdn.txt IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm66cfcdn.hcm2200.com Fingerprint90:32:B9:5F:DD:F3:65:E5:87:66:B1:28:90:FB:A1:7F:E2:08:92:93 ValiditySun, 23 Mar 2025 22:23:08 GMT - Sat, 21 Jun 2025 23:22:57 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers `GET /ipacdn.txt HTTP/1.1 Host: hcm66cfcdn.hcm2200.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: text/plain content-length: 2 set-cookie: acw_tc=0a0f6b6c17467542388313178e422f5aaadc1138b38bc47fd1440557cb01b0;path=/;HttpOnly;Max-Age=1800 cache-control: s-maxage=315360000,max-age=0,public access-control-allow-origin: * access-control-max-age: 3600 access-control-allow-credentials: true cf-cache-status: BYPASS accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 93cd6ec7edeab4f3-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdntoos.hcm2233.com/siteadmin/upload/img/1870484376567570433.avif	3.167.2.113	200 OK	60 kB
URL GET cdntoos.hcm2233.com/siteadmin/upload/img/1870484376567570433.avif IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ISO Media, AVIF Image Size 60 kB (59820 bytes) Hash 679d664568ea499be3949fb5c3c6e3bd 3068a25587aa00138d2d2f66f606c5aa4c42e46e 58fed5022879cf1cc87ff736a47e26cebb9bd8e6a5c097f5f5ed90197600c830 HTTP Headers `GET /siteadmin/upload/img/1870484376567570433.avif HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: image/avif content-length: 59820 age: 82401 server: AliyunOSS date: Thu, 08 May 2025 02:37:23 GMT x-oss-request-id: 681C18E2DA25D3580D6DB723 accept-ranges: bytes etag: "679D664568EA499BE3949FB5C3C6E3BD" last-modified: Sat, 21 Dec 2024 15:00:08 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8698087316082907771 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: Z51mRWjqSZvjlJ+1w8bjvQ== x-oss-server-time: 18 x-cache: Hit from cloudfront via: 1.1 74cb6ad66f88e47ae011abd64e57e7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 vary: Origin x-amz-cf-id: nzHJ42H-hLpin9a2rrYxnLLisOnQLiDyyrkK8sorfozV3dy2aHGpKA==

	w2.4hxn3e.shop/assets/theme-1/RechargeDetailIndex.CGdCOwX9.js	34.144.193.180	200 OK	4.9 kB
URL GET w2.4hxn3e.shop/assets/theme-1/RechargeDetailIndex.CGdCOwX9.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, Unicode text, UTF-8 text, with very long lines (4838) Size 4.9 kB (4898 bytes) Hash f4973002004765075e85fccf281dbdd5 e076b639cd6649ac3144d891675b802d5ed87516 10f5565e6c72782965002bf77b220603c90cc6e59f3ad11a9a7dc8b6fe509616 HTTP Headers `GET /assets/theme-1/RechargeDetailIndex.CGdCOwX9.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:44 GMT content-type: text/javascript x-oss-request-id: 681D5AC440058435376B32E6 accept-ranges: none etag: W/"F4973002004765075E85FCCF281DBDD5" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3488821906946403936 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: 9JcwAgBHZQdehfzPKB291Q== x-oss-server-time: 6 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	nmpy5.hcm660.com/	104.21.96.1	301 Moved Permanently	7.1 kB
URL User Request GET nmpy5.hcm660.com/ IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type Size 7.1 kB (7078 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: nmpy5.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Fri, 09 May 2025 01:30:28 GMT content-type: text/html; charset=UTF-8 server: cloudflare nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache location: //ntk16.hcm660.com/ cf-cache-status: DYNAMIC report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xrBiDqAQp2dRuof4LtaXinPpU9NLYHizFByvAgMPpwfx0w7gXPtQEhTjGyJztYANW7hfBRyu6yrl6F850fl5WMoaYAfxANK8a5JS0DzZAEIQp6OIxCpnK1qHtpV7evGUp16U"}]} set-cookie: PHPSESSID=hs93t0m6br28m51u4ddqd3a7s6; Path=/ uDomain=ntk16.hcm660.com; Path=/; Domain=hcm660.com; Max-Age=2592000; Expires=Sun, 08 Jun 2025 01:30:28 GMT cf-ray: 93cd6e8a2cb85685-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	104.21.96.1	302 Found	8.4 kB
URL GET ntk16.hcm660.com/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/ Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type Size 8.4 kB (8367 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 302 Found date: Fri, 09 May 2025 01:30:29 GMT content-length: 0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MIKvx57odiwXE3uS%2Fvc%2FS5X0M8oeRYuLm9Pp2B6ckUgg%2FmmQaZ1oiw6KvwEkDd8ssaDv%2F3KjlRxACbp3a%2BiDBfJprS1fGwmEuCQAoZlGs3JiAeu9xuT%2Bezhkf9AjcrfWQec"}],"group":"cf-nel","max_age":604800} location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/701fd2559006/main.js? cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public access-control-allow-origin: * cf-ray: 93cd6e8e9988568b-OSL server: cloudflare vary: Accept-Encoding nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=5556&min_rtt=1397&rtt_var=5378&sent=27&recv=23&lost=0&retrans=0&sent_bytes=8618&recv_bytes=2860&delivery_rate=54921&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=637&x=16"

	w2.4hxn3e.shop/assets/theme-1/EmbeddedIndex.Z8e6yKVq.css	34.144.193.180	200 OK	509 B
URL GET w2.4hxn3e.shop/assets/theme-1/EmbeddedIndex.Z8e6yKVq.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (508) Size 509 B (509 bytes) Hash d15c3446d4197db237dba4d286faacac 8c3aec171bafc5fe99be6c8045ea26186b22e535 903b287ba2595e6227d68da0f277c3ef22a2b20efd2c9cae64ff24c89bc94e7a HTTP Headers `GET /assets/theme-1/EmbeddedIndex.Z8e6yKVq.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS content-length: 509 x-oss-request-id: 681CF72EFE67F33634E173CC accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 8468628934411190234 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: 0Vw0RtQZfbI326TShvqsrA== x-oss-server-time: 2 via: 1.1 google date: Thu, 08 May 2025 18:25:50 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT etag: "D15C3446D4197DB237DBA4D286FAACAC" content-type: text/css age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/ForgetPasswordIndex.5yrlCiPo.js	34.144.193.180	200 OK	2.8 kB
URL GET w2.4hxn3e.shop/assets/theme-1/ForgetPasswordIndex.5yrlCiPo.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (2748) Size 2.8 kB (2806 bytes) Hash 52112196c9c8cc2b52aaaa6dbaece335 cd132d771b2c696f4150a8c1d50e7b8eb1b8d967 a8579306458f3b34ea0e0d8b5352bf2cb5e08dd7930c994c49376e42c90b8d79 HTTP Headers `GET /assets/theme-1/ForgetPasswordIndex.5yrlCiPo.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/StyleIndex.CeAizi4D.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:45 GMT content-type: text/javascript x-oss-request-id: 681D5AC53D643B3533F34510 accept-ranges: none etag: W/"52112196C9C8CC2B52AAAA6DBAECE335" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 17866384937153679278 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: UhEhlsnIzCtSqqptuuzjNQ== x-oss-server-time: 6 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/game_pictures/p/285/L1/13/3/default_VND.avif	104.18.24.129	200 OK	12 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/L1/13/3/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 12 kB (12310 bytes) Hash ab5d03e03af96fa326615b867a81d329 7d736a0f50b49a155c44b26a93474f716f5f0f5c c631b93ad4ba0bc675a26fcc4837d86e71254b5de7d4bb93c20a9ba82019f207 HTTP Headers `GET /game_pictures/p/285/L1/13/3/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 12310 x-oss-request-id: 68178F215943070BBE3AD112 vary: Origin, Accept-Encoding etag: "AB5D03E03AF96FA326615B867A81D329" last-modified: Wed, 26 Feb 2025 02:18:19 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10550241642286691105 x-oss-storage-class: Standard cache-control: max-age=1800,stale-while-revalidate=86400,immutable,proxy-revalidate,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: q10D4Dr5b6MmYVuGeoHTKQ== x-oss-server-time: 1 cf-cache-status: HIT age: 574 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea75bcfb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_qp_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	2.1 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_qp_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 2.1 kB (2068 bytes) Hash b89d650887b77956b6b302ca914b279a 3640f9b100def709036b82738fc2f36eee68cedf e0f75409a27f37a51bc994afde504eb80f9675cf08d96834ab0701528487b4f6 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_qp_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 2068 x-oss-request-id: 681CACEC33781B6551D017F6 vary: Origin, Accept-Encoding etag: "B89D650887B77956B6B302CA914B279A" last-modified: Thu, 06 Mar 2025 03:37:26 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 15104775051050396667 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: uJ1lCIe3eVa2swLKkUsnmg== x-oss-server-time: 3 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7abf4b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2255.com/siteadmin/ssocdn.txt	13.107.246.53	200 OK	2 B
URL GET cdntoos.hcm2255.com/siteadmin/ssocdn.txt IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://w2.4hxn3e.shop/ Certificate IssuerDigiCert, Inc. Subjectcdntoos.hcm2255.com Fingerprint6B:0F:B3:8C:B4:2C:50:0A:C0:2C:DF:00:F4:FE:F8:1A:CE:58:D9:D0 ValidityMon, 17 Feb 2025 00:00:00 GMT - Sun, 17 Aug 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash a60852f204ed8028c1c58808b746d115 b0a98216a32426b9e66a4ac1eb6df2e96e1b495c 843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c HTTP Headers `GET /siteadmin/ssocdn.txt HTTP/1.1 Host: cdntoos.hcm2255.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: text/plain content-length: 2 x-oss-request-id: 681CAC45F53B5C3C9FD42606 vary: Origin access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 etag: "A60852F204ED8028C1C58808B746D115" last-modified: Thu, 25 Jul 2024 03:06:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13902551060587900831 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: pghS8gTtgCjBxYgIt0bRFQ== x-oss-server-time: 2 x-azure-ref: 20250509T013038Z-16c476b8794dxkdghC1SVGtfpg0000000k80000000005mn5 x-fd-int-roxy-purgeid: 3067 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	hcm66awscdn.hcm2222.com/hall/home/heartbeat	3.167.2.12	200 OK	88 B
URL POST hcm66awscdn.hcm2222.com/hall/home/heartbeat IP 3.167.2.12:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjecthcm66awscdn.hcm2222.com Fingerprint93:2C:1D:A9:5C:90:25:7D:73:A9:C6:F1:92:C5:52:AD:B8:35:B0:17 ValidityFri, 27 Sep 2024 00:00:00 GMT - Sun, 26 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 88 B (88 bytes) Hash e83699370721e5d891415d1eff7d2c4d 0c7252c31306b96181a3b13b3081a767fd9cb620 926e078ea586fd55815bccbb8ccefb0d0fa2f4d3c8a2c582f4f1080e37e031c3 HTTP Headers POST /hall/home/heartbeat HTTP/1.1 Host: hcm66awscdn.hcm2222.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: vi Accept-Encoding: gzip, deflate, br Content-Type: text/plain x-object-id: {"uid":"","browserLanguage":"en-US","init":{"created":1746754232103,"version":1746700671000}} platformType: 5 devicetype: 3 x-device: 1-1 x-data-mode: cipher x-request-id: c23ac25a-d967-467e-8c06-5d6033de49bf device: b9acb4d2-198e-453c-b131-4c558c83ca52 currency: VND timestamp: 1746754241 nonce: c23ac25a-d967-467e-8c06-5d6033de49bf sign: ylZycBZMRseqp0c3PlcB3h7uNi27L96ZKBPn+0dd7lYCuC4aQBSBI0ndPq/17o59 siteCode: 285 language: vi token: b2e3d672-9d88-47a7-81b4-9d7ffc62054f auth: undefined deviceModel: Firefox v134.0 physicalDeviceModel: unknown operatingSystem: Windows deviceBrand: unknown browserType: Firefox v134.0 appSystem: Windows 10 domain: w2.4hxn3e.shop webauthnDomain: w2.4hxn3e.shop clienttimezone: 0 x-custom-referer: https://w2.4hxn3e.shop/ x-version: 6.0.52 browserfingerid: appVersion: v6.0.52 Content-Length: 44 Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: text/plain; charset=utf-8 content-length: 88 alt-svc: h3=":443"; ma=86400 date: Fri, 09 May 2025 01:30:43 GMT access-control-allow-origin: * set-cookie: acw_tc=0a094e2617467542432314220e498708dcbc43c5a47038d6a55d4be035bc83;path=/;HttpOnly;Max-Age=1800 UserKey=hMrD_fUUPVqyOvVOhRey3wQlWRX7ufOeTYGlbdT1tXEWEwUhWMr3NorISKeGmmQg; Path=/; Expires=Sat, 09 May 2026 01:30:43 GMT; Max-Age=31535999; HttpOnly api-cache: false cache-control: no-cache x-env-go-biz-gateway: 0 x-env-go-biz-gohal-server: 0 x-server-version: 4.0.0 x-trace-id: 0b445043ac363371 access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true x-cache: Miss from cloudfront via: 1.1 7a83657ba338d5960d8d5abdbe0a3136.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: iGefGSxWz9mcokv11TwmGKpyPK_EkI4l01sAhrI0yIRqu11goTtrDg==

	w2.4hxn3e.shop/assets/theme-1/ForgetPasswordIndex.ouEFV-9S.css	34.144.193.180	200 OK	965 B
URL GET w2.4hxn3e.shop/assets/theme-1/ForgetPasswordIndex.ouEFV-9S.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (964) Size 965 B (965 bytes) Hash 634c59675e07c0518315c5182baeb90b fce6a128f15275088c02213cd6f3c185ebcb01e8 88e3730f4257f6919a4adf73e1c89f80ca561c94cbda75b2d2c7d2a878a082c9 HTTP Headers `GET /assets/theme-1/ForgetPasswordIndex.ouEFV-9S.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS content-length: 965 x-oss-request-id: 681CF73A8E4DB931389DF8E9 accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 6649840526592458844 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: Y0xZZ14HwFGDFcUYK665Cw== x-oss-server-time: 7 via: 1.1 google date: Thu, 08 May 2025 18:26:02 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT etag: "634C59675E07C0518315C5182BAEB90B" content-type: text/css age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/StyleIndex.s6XxHlXk.css	34.144.193.180	200 OK	40 kB
URL GET w2.4hxn3e.shop/assets/theme-1/StyleIndex.s6XxHlXk.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (40411) Size 40 kB (40412 bytes) Hash 163dc74cc40362cd4f04e4ab1414ac05 b9c7bf567add1d8067e17364096c74ebdbdebb43 c84493a9292569fd9b067093d5e8a3bfddc18202ed1ad1925b396cf84dbe140e HTTP Headers `GET /assets/theme-1/StyleIndex.s6XxHlXk.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:32 GMT content-type: text/css vary: Accept-Encoding x-oss-request-id: 681D5AB8400584353717CDE5 last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13331235175381906829 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: Fj3HTMQDYs1PBOSrFBSsBQ== x-oss-server-time: 9 content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_cp_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	2.5 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_cp_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 2.5 kB (2515 bytes) Hash c6523d0afe5ffcf603bb67ad1167a76c d791edbc7a75ef3fe2c0448d0500cbfd9d38fe7c 6f73dd618756fa244e62f14647c63a769bac1cc22e425d8563363cdeb83f3a3d HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_cp_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 2515 x-oss-request-id: 681CACECEE8E28F62F618F0A vary: Origin, Accept-Encoding etag: "C6523D0AFE5FFCF603BB67AD1167A76C" last-modified: Thu, 06 Mar 2025 03:37:25 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9558610672453288934 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: xlI9Cv5f/PYDu2etEWenbA== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7abf6b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_qkl_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	2.0 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_qkl_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 2.0 kB (1996 bytes) Hash 4b1543ba162d0655077a82c1dd631ce1 9c5aa7a5a6537bef992d51d189f615c5939924d8 d428f3e0f5d9dc7de6a79f129139f33e6170b6d47bb07bf484b1464ec78a0697 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_qkl_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1996 x-oss-request-id: 681CACEC5943070BBE7D183E vary: Origin, Accept-Encoding etag: "4B1543BA162D0655077A82C1DD631CE1" last-modified: Thu, 06 Mar 2025 03:37:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 4693715331554725992 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: SxVDuhYtBlUHeoLB3WMc4Q== x-oss-server-time: 4 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7bbfeb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/layoutDesign/1728773652860682242.png	104.18.24.129	200 OK	742 B
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728773652860682242.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 742 B (742 bytes) Hash a19e5d2b54650bf68d0dd36f58665d7f 3aed06a16e4359006cfee8ade70317c86d68ff8b b9ed806692e64e2049c775e03734bdc454190f409e59d3e0a7cf34a48b67901f HTTP Headers `GET /siteadmin/layoutDesign/1728773652860682242.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 742 x-oss-request-id: 68178B94690BB9B4A18D8F24 vary: Origin, Accept-Encoding etag: "A19E5D2B54650BF68D0DD36F58665D7F" last-modified: Sun, 26 Nov 2023 13:52:13 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3671943930116178714 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: oZ5dK1RlC/aNDdNvWGZdfw== x-oss-server-time: 19 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7fc13b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/PureListIndex.CkMT4Ie1.js	34.144.193.180	200 OK	66 kB
URL GET w2.4hxn3e.shop/assets/theme-1/PureListIndex.CkMT4Ie1.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65065) Size 66 kB (66111 bytes) Hash 4c40b14409f991d000b5aea14deb1591 903ba060b3b4f963a078da89adf7e7b3dd3929c0 dc426aaa066d212665cd7385b083e478e61fa60ac109d8d4a66e7f1b9988d971 HTTP Headers `GET /assets/theme-1/PureListIndex.CkMT4Ie1.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:34 GMT content-type: text/javascript x-oss-request-id: 681D5ABAE9CC4C3836C48286 accept-ranges: none etag: W/"4C40B14409F991D000B5AEA14DEB1591" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9410978552846658186 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: TECxRAn5kdAAta6hTesVkQ== x-oss-server-time: 8 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/hall/api/gohal/staffAllV3/currency/VND/language/vi.json	104.18.24.129	200 OK	6.2 kB
URL GET o566mch.hcm665.com/hall/api/gohal/staffAllV3/currency/VND/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (6208), with no line terminators Size 6.2 kB (6208 bytes) Hash 789e7b61ce68e0ac94e72c2d6194d2ac aab7b40d8eaf11f76278f8ca2a2677bd34e40ca3 007f44812a5e88636e77f18254833f323e0c08f838c32ae47b210f6a30c37d26 HTTP Headers GET /hall/api/gohal/staffAllV3/currency/VND/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:35 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681D50E71E3C9231C3FDA720 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1329542669761250079 x-oss-storage-class: Standard cache-control: s-maxage=600,max-age=0,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: eJ57Yc5o4KyU5ywtYZTSrA== x-oss-server-time: 1 content-encoding: gzip cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6eb48adfb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/common/bg_pattern_tile.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	526 B
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-11/common/common/bg_pattern_tile.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 526 B (526 bytes) Hash 889285a3419ee717af24134ebf9411e8 3a82160c1e70b69766d21866a5ccc4e4b26bf85e 12daba66ca4ca0f1d1dad673e985c7931d59ab582107c66a16f69319d0a787ed HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-11/common/common/bg_pattern_tile.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:36 GMT content-type: image/avif content-length: 526 x-oss-request-id: 681CACEF40D0029A5CCA5DCE vary: Origin, Accept-Encoding etag: "889285A3419EE717AF24134EBF9411E8" last-modified: Wed, 07 May 2025 10:03:59 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 7665308491089984100 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: iJKFo0Ge5xevJBNOv5QR6A== x-oss-server-time: 2 cf-cache-status: HIT age: 29821 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eb77ce2b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/cocos/maintain-time.json?timestamp=1746754232683	104.18.24.129	404 Not Found	400 B
URL GET o566mch.hcm665.com/cocos/maintain-time.json?timestamp=1746754232683 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type XML 1.0 document, ASCII text Size 400 B (400 bytes) Hash ae8c51f66908b7398c291b3b23a9f94e 2d53a17a86b45f66d0fd0cd21792901c92b8cef3 f3e737730e45d4767262f63ca4eeeb91fca9ba973c51f279cfda77436e39aac3 HTTP Headers `GET /cocos/maintain-time.json?timestamp=1746754232683 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 404 Not Found date: Fri, 09 May 2025 01:30:37 GMT content-type: application/xml x-oss-request-id: 681D5AB9B724A511D312C022 vary: Origin, Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 x-oss-server-time: 2 x-oss-ec: 0026-00000001 cf-cache-status: HIT age: 4 priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ebe283bb503-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/IframeIndex.Ce8SQIBG.js	34.144.193.180	200 OK	2.3 kB
URL GET w2.4hxn3e.shop/assets/theme-1/IframeIndex.Ce8SQIBG.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (2213) Size 2.3 kB (2263 bytes) Hash 2fd79ef128c6832a5840529be1a0e0c1 4e00d70f7f5763e78f7d6f450d210a4027acc4c2 f44def64ab2af680a22b046e4d7efd8239aadf8b621e45fc67aa04f64bef1fed HTTP Headers `GET /assets/theme-1/IframeIndex.Ce8SQIBG.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF735FE67F33634BAA4CC accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 4491305521277957837 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: L9ee8SjGgypYQFKb4aDgwQ== x-oss-server-time: 18 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:57 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"2FD79EF128C6832A5840529BE1A0E0C1" content-type: text/javascript vary: Accept-Encoding content-length: 1057 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskDay/currency/VND/language/vi.json	3.167.2.113	200 OK	960 B
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskDay/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (960), with no line terminators Size 960 B (960 bytes) Hash 6e240c6d77430d2a44a279af8f233821 115d1740e17925dcca037880b5f418b5d8273f70 d3ffe1aeb1db5645f78be0a3f5fc21e6f84fcc17c2a5b9c7cbb7e6df404cf2ec HTTP Headers GET /hall/api/active/tasks/pop_taskDay/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 960 age: 584 server: AliyunOSS x-oss-request-id: 681D4F8A304E2E95F8690326 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10986352239552173031 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: biQMbXdDDSpEonmvjyM4IQ== x-oss-server-time: 1 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "6E240C6D77430D2A44A279AF8F233821" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: H8ErdXG8xmqNM4DhUA1y1Gdt3sNzzGWwW686cO5YOCf3LbwaOAoaOA==

	o566mch.hcm665.com/siteadmin/layoutDesign/1728076451578531841.png	104.18.24.129	200 OK	2.5 kB
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728076451578531841.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 80 x 70, 8-bit colormap, non-interlaced Size 2.5 kB (2477 bytes) Hash 770ef922d57d6b06ba224696a419f531 02511e819803fc0022839680a71382d9ed2b9607 4c2108d9033b6ee25ddb636d96a888224fffec5ece7adb7944220c933888ee03 HTTP Headers `GET /siteadmin/layoutDesign/1728076451578531841.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 2477 x-oss-request-id: 68178B9372F06605DE7F164E vary: Origin, Accept-Encoding etag: "770EF922D57D6B06BA224696A419F531" last-modified: Fri, 24 Nov 2023 15:41:48 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10491443143967824292 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: dw75ItV9awa6IkaWpBn1MQ== x-oss-server-time: 5 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea72bb8b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_rm_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.6 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_rm_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.6 kB (1643 bytes) Hash a366b847023f63075861a071a1b1344c eacac4b5edbfcfa19ae5ecc66a2f916113e6401c d26274fa743c32dd7ba036ca81b9efceb71fb219148dee10a2295aca81016093 HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_rm_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1643 x-oss-request-id: 681CACECF53B5C3C9FD5ED78 vary: Origin, Accept-Encoding etag: "A366B847023F63075861A071A1B1344C" last-modified: Thu, 06 Mar 2025 03:37:25 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 13110171119037869978 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: o2a4RwI/YwdYYaBxobE0TA== x-oss-server-time: 6 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea75bd0b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/game_pictures/p/285/CL/hot/13/3/default_VND.avif	104.18.24.129	200 OK	6.4 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/CL/hot/13/3/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 6.4 kB (6406 bytes) Hash 63d3981434da2accc4378f1e3f0865fc 699b07e3aed1c4d185971fde0fcb4b334728b01f a9106dfaab4fa5013f8ff58194c2380e0cc3c0d16160c6cf00e6fb5141578909 HTTP Headers `GET /game_pictures/p/285/CL/hot/13/3/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 6406 x-oss-request-id: 68178F22CC39EAB9AF34BECD vary: Origin, Accept-Encoding etag: "63D3981434DA2ACCC4378F1E3F0865FC" last-modified: Wed, 26 Feb 2025 02:18:17 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 12262798022657831471 x-oss-storage-class: Standard cache-control: max-age=1800,stale-while-revalidate=86400,immutable,proxy-revalidate,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: Y9OYFDTaKszEN48ePwhl/A== x-oss-server-time: 1 cf-cache-status: HIT age: 574 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa6d26b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/active/tasks/newcomer_benefit_reward/default.json	3.167.2.113	200 OK	748 B
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/newcomer_benefit_reward/default.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (748), with no line terminators Size 748 B (748 bytes) Hash 8eb704c1fe8c3a7fa9982c8ceb170b64 0b8faa57a502cc513a9b0d084bfa22bddcc87352 07b0110e614e90de5aa7b84257955e6780266a3c5e5f62a6c5d55bbcd65e06af HTTP Headers GET /hall/api/active/tasks/newcomer_benefit_reward/default.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/json content-length: 748 server: AliyunOSS x-oss-request-id: 681D08F240D0029A5C98F5D3 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Thu, 08 May 2025 16:05:34 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9091065259908694717 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: jrcEwf6MOn+pmCyM6xcLZA== x-oss-server-time: 2 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "8EB704C1FE8C3A7FA9982C8CEB170B64" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: wTKqr8myEomyjdnCP_t574lc63qpLWzp3N--EzToQ0BdjD9vSfiJyg== age: 574 X-Firefox-Spdy: h2

	w2.4hxn3e.shop/assets/theme-1/FindUsIndex.C4Jwt9xK.css	34.144.193.180	200 OK	3.3 kB
URL GET w2.4hxn3e.shop/assets/theme-1/FindUsIndex.C4Jwt9xK.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (3268) Size 3.3 kB (3269 bytes) Hash 800d454f20ef8cbe837eab55c4a194f7 d091aa06afc60ff5a7cf87e433a53e7dde82384e f8af8e532e3333ac5257a4aa8cc41fa273c2392a542d57668c3ce2a0205509b2 HTTP Headers `GET /assets/theme-1/FindUsIndex.C4Jwt9xK.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF73B06F3A437365646EA x-oss-object-type: Normal x-oss-hash-crc64ecma: 13685685862988194271 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: gA1FTyDvjL6DfqtVxKGU9w== x-oss-server-time: 7 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:26:03 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT content-type: text/css vary: Accept-Encoding content-length: 924 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/hall/api/lobby/site/getSiteInfo/language/vi.json	104.18.24.129	200 OK	3.7 kB
URL GET o566mch.hcm665.com/hall/api/lobby/site/getSiteInfo/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (3692), with no line terminators Size 3.7 kB (3692 bytes) Hash a839f2f39ecebb928a37e073375ad4cc ec1eb1a926fdebc4a6a3a722bc82e9a9088549fb b32ca3d56a99bbd562b71a1f3b634c14c30577c502416fce582ecf29599fd6a1 HTTP Headers `GET /hall/api/lobby/site/getSiteInfo/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:35 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681CACEEDE669353D24C9C28 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9412272611430716167 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: qDny857Ou5KKN+BzN1rUzA== x-oss-server-time: 0 content-encoding: gzip cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6eb4cb09b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	w2.4hxn3e.shop/assets/theme-1/IframeIndex.C1lVpAnk.css	34.144.193.180	200 OK	1.0 kB
URL GET w2.4hxn3e.shop/assets/theme-1/IframeIndex.C1lVpAnk.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (1006) Size 1.0 kB (1007 bytes) Hash 3eb653eb6083aec3a3a2b8e1eea76a95 1af9ddffe27982394fae1a2df82381981f5bd141 8fbb049e2701b54fcfe0001a11de8d3f23a97c2f87c9402f23f9e8ab587d6fb3 HTTP Headers `GET /assets/theme-1/IframeIndex.C1lVpAnk.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:39 GMT content-type: text/css content-length: 1007 x-oss-request-id: 681D5ABF3D643B3533451610 accept-ranges: bytes etag: "3EB653EB6083AEC3A3A2B8E1EEA76A95" last-modified: Fri, 09 May 2025 01:28:07 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 4392531840645696237 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: PrZT62CDrsOjorjh7qdqlQ== x-oss-server-time: 5 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/WithdrawRecordIndex.LYDYXLyj.js	34.144.193.180	200 OK	1.3 kB
URL GET w2.4hxn3e.shop/assets/theme-1/WithdrawRecordIndex.LYDYXLyj.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Java source, ASCII text, with very long lines (1232) Size 1.3 kB (1290 bytes) Hash be8a70e4f24ffaa9c8be3ece7b2242b5 0feeee9bb82e77d1c6db01bff28189e72f9d521c e51e0c01be8dbeaa9b6a72c3f2cfe3861205149fe36d8270b9e4c2ef848c68b4 HTTP Headers `GET /assets/theme-1/WithdrawRecordIndex.LYDYXLyj.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF73908EA323038CC03DD accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 2797388254091250500 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: vopw5PJP+qnIvj7OeyJCtQ== x-oss-server-time: 8 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:26:01 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"BE8A70E4F24FFAA9C8BE3ECE7B2242B5" content-type: text/javascript vary: Accept-Encoding content-length: 620 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/api/active/pop_chop_one_knife_new/currency/VND/language/vi.json	3.167.2.113	200 OK	88 B
URL GET cdntoos.hcm2233.com/hall/api/active/pop_chop_one_knife_new/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 88 B (88 bytes) Hash 382ce9fce5a67dcc483d228e01aea6b3 a5450c2b93572c97a2638c29aee719b288c5f295 6ad7a288d37d5a19a937d622f86d68ac9b8b282e53d7dd11cd36c31d752c64e4 HTTP Headers GET /hall/api/active/pop_chop_one_knife_new/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 88 age: 575 server: AliyunOSS x-oss-request-id: 681D495CCC39EAB9AF8AF6A9 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Thu, 08 May 2025 23:28:01 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8876602635189503080 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: OCzp/OWmfcxIPSKOAa6msw== x-oss-server-time: 1 date: Fri, 09 May 2025 01:21:12 GMT cache-control: s-maxage=600,max-age=0,public etag: "382CE9FCE5A67DCC483D228E01AEA6B3" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: 0omKq54YR_ly18MAPd7NKZsp6EFYp6uxAwSo5yxG5JyntShOS3u1eg==

	w2.4hxn3e.shop/assets/theme-1/2_EventDialogsChunk.DgiwuRqy.js	34.144.193.180	200 OK	101 kB
URL GET w2.4hxn3e.shop/assets/theme-1/2_EventDialogsChunk.DgiwuRqy.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (64575) Size 101 kB (100735 bytes) Hash 4a50bc9528fad50c6e9a086ab8f578ec aab596927298b2e4d8b06b76f912d85496667a1c 2e891ab794c9a59515815a38730d6b736bb9a21716ae57f944e48acfea4500ff HTTP Headers `GET /assets/theme-1/2_EventDialogsChunk.DgiwuRqy.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF73D8E4DB93138D60EEA accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 4474334712505322081 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: SlC8lSj61QxumghquPV47A== x-oss-server-time: 6 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:26:05 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"4A50BC9528FAD50C6E9A086AB8F578EC" content-type: text/javascript vary: Accept-Encoding content-length: 27326 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskWeek/currency/VND/language/vi.json	3.167.2.113	200 OK	1.1 kB
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/pop_taskWeek/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (1088), with no line terminators Size 1.1 kB (1088 bytes) Hash 67042b179a532f83e8d8d6512b09c299 3d06c6a49eaca0ff9789f21318f068b3d3bef101 dfc03979b78cdd5d9cb051940b8cdd12fc9da73ac8d1c4abeec5149ee858fb0a HTTP Headers GET /hall/api/active/tasks/pop_taskWeek/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json alt-svc: h3=":443"; ma=86400 age: 584 server: AliyunOSS x-oss-request-id: 681D4F8A7DAC2CB4E290342C access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6437387096120924487 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: ZwQrF5pTL4Po2NZRKwnCmQ== x-oss-server-time: 1 content-encoding: gzip date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "67042B179A532F83E8D8D6512B09C299" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: 09XVSzdf2g81QWnpBrSjrycAUyqzMp81eUQm3ZBXZhYyvGZYoWGs4g==

	w2.4hxn3e.shop/assets/vendors/vendor-stable.DbXiLqro.js	34.144.193.180	200 OK	413 kB
URL GET w2.4hxn3e.shop/assets/vendors/vendor-stable.DbXiLqro.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size 413 kB (412853 bytes) Hash 8bd5589cb389554d3aac7faf91a79fa1 7df9fdef77cf54aa69d3beee94a198618210e6d9 d8762afe9969dd16abbb6317368edeaeaffa5e2902fc3aa2d835472de1c5aed6 HTTP Headers `GET /assets/vendors/vendor-stable.DbXiLqro.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS date: Fri, 09 May 2025 01:30:31 GMT content-type: text/javascript x-oss-request-id: 681D5AB7637FD23235EAC4BE accept-ranges: none etag: W/"8BD5589CB389554D3AAC7FAF91A79FA1" last-modified: Fri, 09 May 2025 01:28:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 2272890764115836321 x-oss-storage-class: Standard x-oss-meta-version: v6.0.52 cache-control: max-age=31622400 content-md5: i9VYnLOJVU06rH+vkaefoQ== x-oss-server-time: 5 vary: Accept-Encoding content-encoding: br via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/workers-qy9Jwbtu.js	34.144.193.180	200 OK	4.4 kB
URL GET w2.4hxn3e.shop/assets/workers-qy9Jwbtu.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, ASCII text Size 4.4 kB (4420 bytes) Hash d6e1cc2d959d07155b487d4911b6087e 6334fce87963b6c07edbcc4277bf01565b9d0798 b5b10a66bb72a298d200bc6c64734fc38faf8770a3e0f2a8ed5de79a0e07ef7a HTTP Headers `GET /assets/workers-qy9Jwbtu.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: worker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72E72154E3037776403 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 10918190586927633353 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: 1uHMLZWdBxVbSH1JEbYIfg== x-oss-server-time: 5 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:50 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:03 GMT etag: W/"D6E1CC2D959D07155B487D4911B6087E" content-type: text/javascript vary: Accept-Encoding content-length: 1560 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/game_pictures/p/285/L1/316/3/default_VND.avif	104.18.24.129	200 OK	19 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/L1/316/3/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 19 kB (18962 bytes) Hash 8e1f338634f527a7e23ee07d8eee7b8a 2f61ac00cc0e4a19e07f0f478751b4c9ed34ac43 af7f7decfe26b2bd0d4912aece4c7d71db0abb5caf8ceaf14ae917287e80475b HTTP Headers `GET /game_pictures/p/285/L1/316/3/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 18962 x-oss-request-id: 68178F2112A9C8DCE87A3CCD vary: Origin, Accept-Encoding etag: "8E1F338634F527A7E23EE07D8EEE7B8A" last-modified: Fri, 28 Feb 2025 08:01:13 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 9945629842684851848 x-oss-storage-class: Standard cache-control: s-maxage=86400,public,max-age=1800 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: jh8zhjT1J6fiPuB9ju57ig== x-oss-server-time: 4 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea73bbeb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_sw_1.avif?manualVersion=1&version=v6.0.52	104.18.24.129	200 OK	1.4 kB
URL GET o566mch.hcm665.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_sw_1.avif?manualVersion=1&version=v6.0.52 IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 1.4 kB (1438 bytes) Hash 2e03e10988891acc9cc637ca119c46a9 638db2bc149f4284a01d7263bee1e1da1a9451de aaa12a64882b9ae721e85f8e02fd5a8fb3ddcc01094837e49fa20d0295c3616d HTTP Headers GET /siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_sw_1.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 1438 x-oss-request-id: 681CACEC048FEF8C7FCC8CB9 vary: Origin, Accept-Encoding etag: "2E03E10988891ACC9CC637CA119C46A9" last-modified: Thu, 06 Mar 2025 03:37:14 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 12509173059260600885 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: LgPhCYiJGsycxjfKEZxGqQ== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7bc01b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	o566mch.hcm665.com/hall/api/lobby/footerConfigV2/getInfo/language/vi.json	104.18.24.129	200 OK	3.1 kB
URL GET o566mch.hcm665.com/hall/api/lobby/footerConfigV2/getInfo/language/vi.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (3116), with no line terminators Size 3.1 kB (3116 bytes) Hash 9ffa54af45bcff38259e128a1601a2de fa52694d2eace631a27e0b806722be607dc9e9b4 e7d2ed7c52a5ce6382abb17bfbd172a25a6b127067d14bc01f13557e97ba17e4 HTTP Headers `GET /hall/api/lobby/footerConfigV2/getInfo/language/vi.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:34 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681CACECCC39EAB9AF67C655 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 481488503752436933 x-oss-storage-class: Standard cache-control: s-maxage=600,public,max-age=0 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: n/pUr0W8/zglnhKKFgGi3g== x-oss-server-time: 1 content-encoding: gzip cf-cache-status: REVALIDATED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea93cb9b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	hcm66cfcdn.hcm2244.com/ipacdn.txt	104.18.24.129	200 OK	2 B
URL GET hcm66cfcdn.hcm2244.com/ipacdn.txt IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm66cfcdn.hcm2244.com Fingerprint4E:32:55:0C:8B:72:0F:7D:00:4E:BD:C9:BE:83:1B:B2:4B:AE:2F:AE ValidityFri, 11 Apr 2025 18:40:34 GMT - Thu, 10 Jul 2025 19:40:32 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers `GET /ipacdn.txt HTTP/1.1 Host: hcm66cfcdn.hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://w2.4hxn3e.shop/ Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 09 May 2025 01:30:38 GMT content-type: text/plain content-length: 2 set-cookie: acw_tc=0a0cca9317467542388693959e3fb5b31f21314a33afe07a90f268b55472cd;path=/;HttpOnly;Max-Age=1800 cache-control: s-maxage=315360000,max-age=0,public access-control-allow-origin: * access-control-max-age: 3600 access-control-allow-credentials: true cf-cache-status: BYPASS accept-ranges: bytes vary: Accept-Encoding server: cloudflare cf-ray: 93cd6ec7edc656b4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdntoos.hcm2233.com/siteadmin/skin/lobby_asset/common/common/common/comm_icon_gb.avif?manualVersion=1&version=v6.0.52	3.167.2.113	200 OK	1.3 kB
URL GET cdntoos.hcm2233.com/siteadmin/skin/lobby_asset/common/common/common/comm_icon_gb.avif?manualVersion=1&version=v6.0.52 IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ISO Media, AVIF Image Size 1.3 kB (1345 bytes) Hash bc1e82b026c2375fbfb26275d37d785c 5f6e2a428261f16c1a6d05806833e6be5644a8fb fe109f4b4ec0fdfdf95370109d9fb80a0b3d3d8f7fafefa820f4d832c1dbee7c HTTP Headers GET /siteadmin/skin/lobby_asset/common/common/common/comm_icon_gb.avif?manualVersion=1&version=v6.0.52 HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: image/avif content-length: 1345 age: 32957 server: AliyunOSS date: Thu, 08 May 2025 16:21:26 GMT x-oss-request-id: 681CDA06304E2E95F8AC671B accept-ranges: bytes etag: "BC1E82B026C2375FBFB26275D37D785C" last-modified: Wed, 07 May 2025 10:18:12 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 8998093129681346611 x-oss-storage-class: Standard cache-control: max-age=604800,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: vB6CsCbCN1+/smJ10314XA== x-oss-server-time: 19 x-cache: Hit from cloudfront via: 1.1 74cb6ad66f88e47ae011abd64e57e7cc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 vary: Origin x-amz-cf-id: pBwKD-j3xi8kC-lUlVi4Cm7q1Ae1Qi9eHXQauIWxM0Mw4QURTaJ2Sg==

	w2.4hxn3e.shop/assets/theme-1/PromoteIndex.B794LpYH.css	34.144.193.180	200 OK	107 kB
URL GET w2.4hxn3e.shop/assets/theme-1/PromoteIndex.B794LpYH.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 107 kB (106629 bytes) Hash 7e257b804a5b70659b987c504618d56b b37799635bf3cc9b6a86cf0665d53af0e96ddbad 59fe4aa4276c52ce60c55d799e17a22318360542d97dce0617c04e703652ae08 HTTP Headers `GET /assets/theme-1/PromoteIndex.B794LpYH.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS x-oss-request-id: 681CF72B5841FF3134578EC9 x-oss-object-type: Normal x-oss-hash-crc64ecma: 6371111061523868151 x-oss-storage-class: Standard x-oss-meta-version: v6.0.40-v6.0.47 content-md5: fiV7gEpbcGWbmHxQRhjVaw== x-oss-server-time: 27 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:25:47 GMT cache-control: max-age=31622400 last-modified: Wed, 07 May 2025 08:14:30 GMT content-type: text/css vary: Accept-Encoding content-length: 10975 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdntoos.hcm2233.com/hall/api/backstage/customer/getWebTrans/language/vi.json	3.167.2.113	200 OK	1.4 MB
URL GET cdntoos.hcm2233.com/hall/api/backstage/customer/getWebTrans/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 1.4 MB (1386156 bytes) Hash 3201bdf46474d51550e573ac1dbefc8c 388aee1d5e00eb8efa9be276f556640f16c15ef9 6ac3366054250483b4b6e842a28b8fb576db3ca54324198b9c9ce83f29a71ee6 HTTP Headers GET /hall/api/backstage/customer/getWebTrans/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/json server: AliyunOSS x-oss-request-id: 681D4F897DAC2CB4E2903227 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 2476064243782971622 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: MgG99GR01RVQ5XOsHb78jA== x-oss-server-time: 3 content-encoding: gzip date: Fri, 09 May 2025 01:21:03 GMT cache-control: s-maxage=600,max-age=0,public etag: "3201BDF46474D51550E573AC1DBEFC8C" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: 7OpH82TVFIZV1QiWcmpdDCoeW-NM3RHEJ9vdgFQPsOZfMqD_d30neg== age: 574 X-Firefox-Spdy: h2

	cdntoos.hcm2233.com/hall/api/lobby/webapi/forceUpdate/getForceUpdate.json	3.167.2.113	200 OK	492 B
URL GET cdntoos.hcm2233.com/hall/api/lobby/webapi/forceUpdate/getForceUpdate.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (492), with no line terminators Size 492 B (492 bytes) Hash 11b1813437767d74185740535482511e 597af3247be54f2addbca2088fcc82506510de3e b171f25ef87e1f289f4e4c435a3cd4bf7bf37ff1c91c80a0a7a1deb29cbf606f HTTP Headers `GET /hall/api/lobby/webapi/forceUpdate/getForceUpdate.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/json content-length: 492 server: AliyunOSS x-oss-request-id: 681D040133781B6551968C7F access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 18393910310436726933 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: EbGBNDd2fXQYV0BTVIJRHg== x-oss-server-time: 1 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,public,max-age=0 etag: "11B1813437767D74185740535482511E" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: AIWy5OCRo85VZczC3w9GFYgIZSYQwBQJDuw9g-b0CPXUfTQWm-qq_g== age: 574 X-Firefox-Spdy: h2

	hcm2244.com/hall/ipCheck?siteCode=285&currency=VND&language=vi&platformType=5	104.18.25.129	200 OK	236 B
URL GET hcm2244.com/hall/ipCheck?siteCode=285&currency=VND&language=vi&platformType=5 IP 104.18.25.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecthcm2244.com Fingerprint1E:FC:82:F5:D7:8C:88:C1:C8:AB:8F:34:19:36:B0:F3:BC:B3:1D:48 ValidityTue, 11 Mar 2025 10:49:09 GMT - Mon, 09 Jun 2025 11:49:02 GMT File type JSON text data Size 236 B (236 bytes) Hash a89c95af33ef919608712c3aa3672a61 3dd96b842e04dd92a8e5172bb6bab114378b3d27 cbf885f2a76bebade58d076f01506d21a650ceb1d8b8d4ed7525265816b8da3a HTTP Headers GET /hall/ipCheck?siteCode=285&currency=VND&language=vi&platformType=5 HTTP/1.1 Host: hcm2244.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: vi Accept-Encoding: gzip, deflate, br x-object-id: {"uid":"","browserLanguage":"en-US","init":{"created":1746754232103,"version":1746700671000}} platformType: 5 devicetype: 3 x-device: 1-1 x-data-mode: plain x-request-id: dd48458c-a02f-4cd6-b9ac-83f068d23050 device: b9acb4d2-198e-453c-b131-4c558c83ca52 currency: VND timestamp: 1746754237 nonce: dd48458c-a02f-4cd6-b9ac-83f068d23050 sign: WrnZbAVE1JXCk9eOht73w691JrXbFnXFZldqgSLSXAbztkpC8+g0LnUQwsL0bfoz siteCode: 285 language: vi token: auth: undefined deviceModel: Firefox v134.0 physicalDeviceModel: unknown operatingSystem: Windows deviceBrand: unknown browserType: Firefox v134.0 appSystem: Windows 10 domain: w2.4hxn3e.shop webauthnDomain: w2.4hxn3e.shop clienttimezone: 0 x-custom-referer: https://w2.4hxn3e.shop/ x-version: 6.0.52 browserfingerid: appVersion: v6.0.52 Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:39 GMT content-type: application/json; charset=utf-8 set-cookie: acw_tc=0a094e1f17467542390933533e4209ee415532991c1a5cd32ce8c695470ef7;path=/;HttpOnly;Max-Age=1800 cache-control: no-cache x-env-go-biz-gateway: 0 x-server-version: 4.0.0 x-trace-id: 3d0bff527d32ce1f access-control-allow-methods: * access-control-max-age: 3600 access-control-allow-credentials: true access-control-allow-origin: * cf-cache-status: DYNAMIC priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ec8a920b4f1-OSL content-encoding: gzip alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/gohal/staffAllV3/currency/VND/language/vi.json	3.167.2.113	200 OK	6.2 kB
URL GET cdntoos.hcm2233.com/hall/api/gohal/staffAllV3/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (6208), with no line terminators Size 6.2 kB (6208 bytes) Hash 789e7b61ce68e0ac94e72c2d6194d2ac aab7b40d8eaf11f76278f8ca2a2677bd34e40ca3 007f44812a5e88636e77f18254833f323e0c08f838c32ae47b210f6a30c37d26 HTTP Headers GET /hall/api/gohal/staffAllV3/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json alt-svc: h3=":443"; ma=86400 age: 573 server: AliyunOSS x-oss-request-id: 681D4F8CEE8E28F62F8F8CEF access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1329542669761250079 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: eJ57Yc5o4KyU5ywtYZTSrA== x-oss-server-time: 2 content-encoding: gzip date: Fri, 09 May 2025 01:21:06 GMT etag: "789E7B61CE68E0AC94E72C2D6194D2AC" cache-control: s-maxage=600,max-age=0,public vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: HNBsx3fubT-H_-lPZmj0TQBwQEs460rL8vN567VpKgIlM0hibNKAow==

	cdntoos.hcm2233.com/hall/api/active/popSignActive/currency/VND/language/vi.json	3.167.2.113	200 OK	88 B
URL GET cdntoos.hcm2233.com/hall/api/active/popSignActive/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 88 B (88 bytes) Hash 5ceb51eeb12bfeadf1b44f1b93ae19a1 c8d2863987a8df2f23e4d0bf0595bd5e16e0fac8 a1b875bb404df9e638ea3b0ebc58c9d3235c6f963ff3e7bc8c850c9bc3b4bc53 HTTP Headers GET /hall/api/active/popSignActive/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 88 age: 575 server: AliyunOSS x-oss-request-id: 681C18E7690BB9B4A177F0B4 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Tue, 06 May 2025 14:18:11 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3951325259671474277 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: XOtR7rEr/q3xtE8bk64ZoQ== x-oss-server-time: 2 date: Fri, 09 May 2025 01:21:12 GMT cache-control: s-maxage=600,max-age=0,public etag: "5CEB51EEB12BFEADF1B44F1B93AE19A1" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: E3ztVcSMA2IJPOozweVbgf9rJaSgeSXc0FAPE81Xh8Nz3fREARSGqw==

	w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js	34.144.193.180	200 OK	184 kB
URL GET w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type Unicode text, UTF-8 text, with very long lines (62404) Size 184 kB (184250 bytes) Hash 09d37c242c1fa871666e4c86ced0a028 1588379c131217478b59c917960a05cb13a85a2b 6864f440eb74697fc449b4293f8798c650e3a9d3e012b53b0d76b5e7bc8dcb8e HTTP Headers `GET /assets/theme-1/index.Dg1hxx0Q.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS x-oss-request-id: 681CF72B72154E30374B5103 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 7951274596843745545 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: CdN8JCwfqHFmbkyGztCgKA== x-oss-server-time: 7 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:47 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"09D37C242C1FA871666E4C86CED0A028" content-type: text/javascript vary: Accept-Encoding content-length: 58480 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	o566mch.hcm665.com/game_pictures/p/285/CL/hot/13/2/default_VND.avif	104.18.24.129	200 OK	9.1 kB
URL GET o566mch.hcm665.com/game_pictures/p/285/CL/hot/13/2/default_VND.avif IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ISO Media, AVIF Image Size 9.1 kB (9066 bytes) Hash 4f9d67a77826b73c0f46e8d8c2d3b71d 16e4ca0527e710657ae2861c4afe6b7144cf15b1 075141123367456fcdcc082f040e0f43ef17a05b6290cd96a49ef76703a44a38 HTTP Headers `GET /game_pictures/p/285/CL/hot/13/2/default_VND.avif HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/avif content-length: 9066 x-oss-request-id: 68178F225943070BBE3AD27B vary: Origin, Accept-Encoding etag: "4F9D67A77826B73C0F46E8D8C2D3B71D" last-modified: Wed, 26 Feb 2025 02:18:17 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 1121875457358877846 x-oss-storage-class: Standard cache-control: max-age=1800,stale-while-revalidate=86400,immutable,proxy-revalidate,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: T51np3gmtzwPRujYwtO3HQ== x-oss-server-time: 4 cf-cache-status: HIT age: 574 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6eaa3d0cb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2211.com/cocos/maintain-time.json?timestamp=1746754232683	0.0.0.0		0 B
URL GET cdntoos.hcm2211.com/cocos/maintain-time.json?timestamp=1746754232683 IP 0.0.0.0:0 ASN #0 Requested by https://w2.4hxn3e.shop/ File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /cocos/maintain-time.json?timestamp=1746754232683 HTTP/1.1 Host: cdntoos.hcm2211.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`

	w2.4hxn3e.shop/assets/vendors/vendor-bignumber.D7tUMeU1.js	34.144.193.180	200 OK	38 kB
URL GET w2.4hxn3e.shop/assets/vendors/vendor-bignumber.D7tUMeU1.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (37688) Size 38 kB (37746 bytes) Hash 2c1e15abce5e994c4ca2954551db55ac 8f9949467e6c1e06c5e075ee579fb3d14dddc6f8 91a2966e30d053d084f3e2b6a08d8690c703bedb5674b2341241f407bc278bcb HTTP Headers `GET /assets/vendors/vendor-bignumber.D7tUMeU1.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72CC05EDB383459F927 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 15246632376342952865 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: LWPvYiWGsGxSzH93vs31uQ== x-oss-server-time: 40 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:30:00 GMT etag: W/"2D63EF622586B06C52CC7F77BECDF5B9" content-type: text/javascript vary: Accept-Encoding content-length: 14115 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/PromoteIndex.Cba_qNcW.js	34.144.193.180	200 OK	27 kB
URL GET w2.4hxn3e.shop/assets/theme-1/PromoteIndex.Cba_qNcW.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (26957) Size 27 kB (27008 bytes) Hash b679e20d971b88695312cdd8035b7fa3 72767ddc2e47ffeaf7fc3cde0a29788f756977e1 64c42be7a11cff2f752622377b1168da61a21503de11d1a3a145f383f121a2d1 HTTP Headers `GET /assets/theme-1/PromoteIndex.Cba_qNcW.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/index.Dg1hxx0Q.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF72CFEEE6A3032433B5E accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 8375449603165931812 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: tnniDZcbiGlTEs3YA1t/ow== x-oss-server-time: 4 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:25:48 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"B679E20D971B88695312CDD8035B7FA3" content-type: text/javascript vary: Accept-Encoding content-length: 7274 age: 25482 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	o566mch.hcm665.com/siteadmin/layoutDesign/1728773685372276737.png	104.18.24.129	200 OK	742 B
URL GET o566mch.hcm665.com/siteadmin/layoutDesign/1728773685372276737.png IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced Size 742 B (742 bytes) Hash a19e5d2b54650bf68d0dd36f58665d7f 3aed06a16e4359006cfee8ade70317c86d68ff8b b9ed806692e64e2049c775e03734bdc454190f409e59d3e0a7cf34a48b67901f HTTP Headers `GET /siteadmin/layoutDesign/1728773685372276737.png HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 09 May 2025 01:30:33 GMT content-type: image/png content-length: 742 x-oss-request-id: 68178B93DA25D3580D86EA4D vary: Origin, Accept-Encoding etag: "A19E5D2B54650BF68D0DD36F58665D7F" last-modified: Sun, 26 Nov 2023 13:52:20 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3671943930116178714 x-oss-storage-class: Standard cache-control: max-age=86400 x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: oZ5dK1RlC/aNDdNvWGZdfw== x-oss-server-time: 1 cf-cache-status: HIT age: 29820 accept-ranges: bytes priority: u=4,i=?0 server: cloudflare cf-ray: 93cd6ea7fc12b503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/message/popupcfg/currency/VND.json	3.167.2.113	200 OK	88 B
URL GET cdntoos.hcm2233.com/hall/api/message/popupcfg/currency/VND.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 88 B (88 bytes) Hash 56053cd8fb6763ab505369f2fe82dda0 654c11ba42aeeaaacb224e9da0e67d9732eeb520 cb7aa3c2a40840588694850ad3b6b89c347f693a00e098ae90cb146b0537c9c4 HTTP Headers `GET /hall/api/message/popupcfg/currency/VND.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK content-type: application/json content-length: 88 age: 574 server: AliyunOSS x-oss-request-id: 681CF733690BB9B4A18757F0 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Wed, 07 May 2025 00:53:50 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 14677616127532056585 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: VgU82PtnY6tQU2ny/oLdoA== x-oss-server-time: 1 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "56053CD8FB6763AB505369F2FE82DDA0" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: C3mHCCoSfYCPINlEMnp-rE5v-KA1HWk_oXJRkSzJ7og3Hr-CJyE3oQ==

	w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js	34.144.193.180	200 OK	59 kB
URL GET w2.4hxn3e.shop/assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (58064) Size 59 kB (58643 bytes) Hash 151408df4ab14f9b4d4169376526fc7e bf2fdbc55ed3281beddaf4e29f3d80ac8eca068d a731bc5ab37d517b4ca15e7a7eaca1fffc0d4893e13f03a43d8e118067261769 HTTP Headers `GET /assets/theme-1/WithdrawTaskIndex.K2R-QQIQ.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681CF7398E4DB9313811F4E9 accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 10674790801695865581 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: FRQI30qxT5tNQWk3ZSb8fg== x-oss-server-time: 5 content-encoding: br via: 1.1 google date: Thu, 08 May 2025 18:26:01 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"151408DF4AB14F9B4D4169376526FC7E" content-type: text/javascript vary: Accept-Encoding content-length: 16207 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	w2.4hxn3e.shop/assets/theme-1/SportParlayIndex.DIsyCrwd.js	34.144.193.180	200 OK	442 B
URL GET w2.4hxn3e.shop/assets/theme-1/SportParlayIndex.DIsyCrwd.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (387) Size 442 B (442 bytes) Hash a9cbafb66138ca969a1ab6b126fbd579 d0051ffa16ef741b34502eb7e13dfbca9d992939 d7a39fe00fffa184a5b6ea50d242cc9f966a6b1dd553c40aa957feba8b0a466c HTTP Headers `GET /assets/theme-1/SportParlayIndex.DIsyCrwd.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/StyleIndex.CeAizi4D.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS content-length: 442 x-oss-request-id: 681CF73A72154E30372DB903 accept-ranges: bytes x-oss-object-type: Normal x-oss-hash-crc64ecma: 7809572225522073630 x-oss-storage-class: Standard x-oss-meta-version: v6.0.3 content-md5: qcuvtmE4ypaaGraxJvvVeQ== x-oss-server-time: 2 via: 1.1 google date: Thu, 08 May 2025 18:26:02 GMT cache-control: max-age=31622400 last-modified: Sat, 26 Apr 2025 08:29:57 GMT etag: "A9CBAFB66138CA969A1AB6B126FBD579" content-type: text/javascript age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdntoos.hcm2233.com/hall/api/active/tasks/pop_newcomerBenefit/currency/VND/language/vi.json	3.167.2.113	200 OK	640 B
URL GET cdntoos.hcm2233.com/hall/api/active/tasks/pop_newcomerBenefit/currency/VND/language/vi.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (640), with no line terminators Size 640 B (640 bytes) Hash ae8038b91a05229d3a7fd9a26bf29833 3f77ca0757f9aca6c9450cbc11cee7ecd9d20907 084f58d8decb18248eeb73b4950c7f770fbefe0f6952c3af39f50cea302f468e HTTP Headers GET /hall/api/active/tasks/pop_newcomerBenefit/currency/VND/language/vi.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json content-length: 640 age: 583 server: AliyunOSS x-oss-request-id: 681D4F8A7DAC2CB4E290342A access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 accept-ranges: bytes last-modified: Fri, 09 May 2025 00:21:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 3799623125393152769 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: roA4uRoFIp06f9mia/KYMw== x-oss-server-time: 3 date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,max-age=0,public etag: "AE8038B91A05229D3A7FD9A26BF29833" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: -YuKl9BmnUfWRFiQR3FJM_eL6XtTq_rzGiHgrGyPLLIydsZlRfxOIA==

	ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.8364362012858065:1746753028:0HYjcEBhvDp7DRx9yyB52S1NWhOIM9FmkmrDZgoDGUw/93cd6e8e6986568b	104.21.96.1	200 OK	0 B
URL POST ntk16.hcm660.com/cdn-cgi/challenge-platform/h/b/jsd/r/0.8364362012858065:1746753028:0HYjcEBhvDp7DRx9yyB52S1NWhOIM9FmkmrDZgoDGUw/93cd6e8e6986568b IP 104.21.96.1:443 ASN #13335 CLOUDFLARENET Requested by https://ntk16.hcm660.com/index2.php Certificate IssuerGoogle Trust Services Subjecthcm660.com FingerprintF7:AC:AD:B3:99:C8:24:01:31:1C:77:43:10:12:2E:A3:B7:98:7F:93 ValidityMon, 14 Apr 2025 22:05:54 GMT - Sun, 13 Jul 2025 23:04:33 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.8364362012858065:1746753028:0HYjcEBhvDp7DRx9yyB52S1NWhOIM9FmkmrDZgoDGUw/93cd6e8e6986568b HTTP/1.1 Host: ntk16.hcm660.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 12098 Origin: https://ntk16.hcm660.com DNT: 1 Connection: keep-alive Referer: https://ntk16.hcm660.com/index2.php Cookie: uDomain=ntk16.hcm660.com; PHPSESSID=f63lron611ajlmie94uo9a92c8; uUrl=w2.4hxn3e.shop; cf_clearance=cXNWLPjMcSF.Rd2BKG6pHI.ponv5JG7bN4HKjkt198A-1746754229-1.2.1.1-Yaazjel4DeeO9ka10VwjIdUAacpV.HBvRiKaH0PmQaacjQxqOAIRLdv1jGWOFy43rriQKHX2f8atDmaPMhzlpyOpCjser0nD9pBVuzigeSwkVsjiHFAWfcX3PfdGu7k9y28vQwrsXoBSsTcVVigUYMdL8X_Z_zmgty7T7_QvuAU_jvE6ADoa3LMi8r02L9yW7TSmmhnd7Rk.yMYNerbbgOqoga_QKQE3i8YC03ikFtWfSCeYgP8SWnSN05tI83k3.eRDpy9x646AXrq1GeICuUh4N_G9MFzF0.u4NaBGvX2LWcCPk2bi7mY8pB7_At8RtOY7FWp_jRvrWyZxMSjM9afS2G4Tk21Nc6lfRVWDeNs Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:29 GMT content-type: text/plain; charset=UTF-8 content-length: 0 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ha3m1ybgYiW9ovXB0om7rqOPtIptuMGbsku1VSrTds9K3ZRbGAtWa%2BQynwgy8OCTBy2u0c2iqKj0RHKQXFFYVFKzahsBam6ziAp9OwYb0tTzy9KR3lPkV2j85b8ikqBCKwPt"}],"group":"cf-nel","max_age":604800} set-cookie: cf_clearance=2KzEJa6SjQPTzZAKQDYGUW4FsnOzfr4fRdh12RVaCL4-1746754229-1.2.1.1-G_PrA5DW1GQk1lkGmazd.3B1B8aWSM.yf5mXzAWCH_XHbE_XSq3JVJp1cxf8Tgu.UulgQnSsIb129Ows.myzkAecB9wYUEleWnLc.HiIflyQGa92MGeDLNwNx4Cxms9LUaWQmUrExQ.BwNYODW8LYQqB67MzHjsDEaJIPjuxn4GWNSKPZ0jRrH8uKu5eMwkhCYlgRTILXq1K0WqXQE2iHRMEehnyBctbRWEbavxkvTqIH3zOpaG5clkyRzj_fTKV7ZRPbbtOKihmQawmDofgPZhKApHqsrl08a8C59WUoYgmv44ah5qWHuYlU7I2hYVszctiXxayooZyorsopyBjjhf.NmdmV4tuQnTsnF8MdXU; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=hcm660.com; Expires=Sat, 09 May 2026 01:30:29 GMT cf-ray: 93cd6e9159a5568b-OSL server: cloudflare nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=3806&min_rtt=1397&rtt_var=3300&sent=64&recv=51&lost=0&retrans=0&sent_bytes=23764&recv_bytes=30605&delivery_rate=2388757&cwnd=12000&unsent_bytes=0&cid=8dd6d7e55a4db7ba&ts=1083&x=16"

	w2.4hxn3e.shop/assets/theme-1/commonChunk.YF_WJvZF.css	34.144.193.180	200 OK	389 kB
URL GET w2.4hxn3e.shop/assets/theme-1/commonChunk.YF_WJvZF.css IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 389 kB (388835 bytes) Hash 88d41434cfe7419d0d4289cd5cd007b6 c4f54803b290d706223a28b5fd719cf6c118c96b 1f58f9c6bccd7c9351184903d02a8dc6232b5299c225fe4a04710136aa6320e2 HTTP Headers `GET /assets/theme-1/commonChunk.YF_WJvZF.css HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: AliyunOSS x-oss-request-id: 681CF72B08EA323038A6A0DC x-oss-object-type: Normal x-oss-hash-crc64ecma: 16103644267919234771 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: iNQUNM/nQZ0NQonNXNAHtg== x-oss-server-time: 6 content-encoding: gzip via: 1.1 google date: Thu, 08 May 2025 18:25:47 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT content-type: text/css vary: Accept-Encoding content-length: 56964 age: 25483 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	o566mch.hcm665.com/hall/api/message/list/all/currency/VND/language/vi/page/1/type/99.json	104.18.24.129	200 OK	6.2 kB
URL GET o566mch.hcm665.com/hall/api/message/list/all/currency/VND/language/vi/page/1/type/99.json IP 104.18.24.129:443 ASN #13335 CLOUDFLARENET Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subjecto566mch.hcm665.com Fingerprint8D:AE:CB:2C:0B:AB:E1:F3:83:28:02:42:8C:29:CA:88:30:6C:DA:FD ValiditySun, 04 May 2025 14:35:15 GMT - Sat, 02 Aug 2025 15:35:05 GMT File type ASCII text, with very long lines (6168), with no line terminators Size 6.2 kB (6168 bytes) Hash 2fcb87f3cf23924252e96eba4ecdf350 6da3c9c53a2c014be74c5a6299daed08b6fcc495 c710af5c1370291fd5d67b02f3137ff402fc37dd0bd1dc72954df86af279a2a0 HTTP Headers GET /hall/api/message/list/all/currency/VND/language/vi/page/1/type/99.json HTTP/1.1 Host: o566mch.hcm665.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Fri, 09 May 2025 01:30:34 GMT content-type: application/json vary: Accept-Encoding, Origin x-oss-request-id: 681D5AB9048FEF8C7F0ECD21 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 01:28:31 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 6242694230108525606 x-oss-storage-class: Standard cache-control: s-maxage=600,max-age=0,public x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: L8uH888jkkJS6W66Ts3zUA== x-oss-server-time: 5 content-encoding: gzip cf-cache-status: EXPIRED priority: u=3,i=?0 server: cloudflare cf-ray: 93cd6ea92cafb503-OSL alt-svc: h3=":443"; ma=86400 server-timing: cfExtPri

	cdntoos.hcm2233.com/hall/api/lobby/config/getAppDownloadInfo.json	3.167.2.113	200 OK	1.1 kB
URL GET cdntoos.hcm2233.com/hall/api/lobby/config/getAppDownloadInfo.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (1068), with no line terminators Size 1.1 kB (1068 bytes) Hash fc7de8c87a988a24920eb97154c713aa 921b529062e9ba66c99ee29aa2b92581486e74bc f664c7291aa98777f244506097ee1b220271ccd24fcdc978b918e9760e145e1c HTTP Headers `GET /hall/api/lobby/config/getAppDownloadInfo.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/json server: AliyunOSS x-oss-request-id: 681D08F2F53B5C3C9FA39683 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Wed, 07 May 2025 19:05:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 15634743082186346497 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: /H3oyHqYiiSSDrlxVMcTqg== x-oss-server-time: 1 content-encoding: gzip date: Fri, 09 May 2025 01:21:04 GMT cache-control: s-maxage=600,public,max-age=0 etag: "FC7DE8C87A988A24920EB97154C713AA" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 50a19afbefe1a01ca6a87078a2b119c2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: jJuUUxljZ4j1VooWRAz8Dgx8g08Ijl5vUkZujQLHNNG2xicT62hGLA== age: 574 X-Firefox-Spdy: h2

	cdntoos.hcm2233.com/hall/api/message/list/all/currency/VND/language/vi/page/1/type/99.json	3.167.2.113	200 OK	6.2 kB
URL GET cdntoos.hcm2233.com/hall/api/message/list/all/currency/VND/language/vi/page/1/type/99.json IP 3.167.2.113:443 ASN #0 Requested by https://w2.4hxn3e.shop/ Certificate IssuerAmazon Subjectcdntoos.hcm2233.com Fingerprint9E:9F:D9:0F:D7:B2:AC:4A:9E:7C:90:FD:2C:D0:AA:F8:84:CC:3E:B6 ValidityWed, 02 Oct 2024 00:00:00 GMT - Fri, 31 Oct 2025 23:59:59 GMT File type ASCII text, with very long lines (6168), with no line terminators Size 6.2 kB (6168 bytes) Hash 9737924e71822f7218c982f1b6d22d8f d86d2c0f9587af2a5ed3de189ba2219679cfd5e7 499fe7a50ea8faf7af09181008133acaeee326553c79bcd3dd3e107b69e90a8b HTTP Headers GET /hall/api/message/list/all/currency/VND/language/vi/page/1/type/99.json HTTP/1.1 Host: cdntoos.hcm2233.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://w2.4hxn3e.shop DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/json alt-svc: h3=":443"; ma=86400 age: 575 server: AliyunOSS x-oss-request-id: 681D4F9113F9D4DEBF0050C2 access-control-allow-origin: * access-control-allow-methods: GET, POST, HEAD, PUT access-control-expose-headers: Etag access-control-max-age: 200 last-modified: Fri, 09 May 2025 00:19:40 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 10138261616478816509 x-oss-storage-class: Standard x-oss-ec: 0048-00000110 content-disposition: attachment x-oss-force-download: true content-md5: lzeSTnGCL3IYyYLxttItjw== x-oss-server-time: 1 content-encoding: gzip date: Fri, 09 May 2025 01:21:11 GMT etag: "9737924E71822F7218C982F1B6D22D8F" cache-control: s-maxage=600,max-age=0,public vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 be3750c9aa69fd9d53a35aea8d9dab16.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P2 x-amz-cf-id: ymQv-EhSENKQGAfKCiewPyZ3Sh4NvCWlGXyUzzG06kacZUvqVsoG4A==

	w2.4hxn3e.shop/assets/theme-1/2_TaskDialogsChunk.CHl45i3X.js	34.144.193.180	200 OK	6.9 kB
URL GET w2.4hxn3e.shop/assets/theme-1/2_TaskDialogsChunk.CHl45i3X.js IP 34.144.193.180:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://w2.4hxn3e.shop/ Certificate IssuerGoogle Trust Services Subject.4hxn3e.shop FingerprintAE:83:78:EA:07:54:2F:67:B3:7B:A6:D3:47:13:57:0A:A3:A4:1E:B5 ValiditySun, 30 Mar 2025 11:02:13 GMT - Sat, 28 Jun 2025 11:58:08 GMT File type JavaScript source, ASCII text, with very long lines (6883) Size 6.9 kB (6940 bytes) Hash f511f3f31cdf3fe76c3162946fa32d91 683dfe1aaa1261e1f990bc16c601b2575c8a6921 5e1e8c84d494b81662673b5174eea96cafad91c09d135ca0673b51d362c36a7c HTTP Headers `GET /assets/theme-1/2_TaskDialogsChunk.CHl45i3X.js HTTP/1.1 Host: w2.4hxn3e.shop User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://w2.4hxn3e.shop/assets/theme-1/commonChunk.CbstCaL4.js Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK server: AliyunOSS x-oss-request-id: 681D47177732EB3534CF2FCD accept-ranges: none x-oss-object-type: Normal x-oss-hash-crc64ecma: 12919875421386855750 x-oss-storage-class: Standard x-oss-meta-version: v6.0.48-v6.0.52 content-md5: 9RHz8xzfP+dsMWKUb6MtkQ== x-oss-server-time: 22 content-encoding: br via: 1.1 google date: Fri, 09 May 2025 00:06:47 GMT cache-control: max-age=31622400 last-modified: Thu, 08 May 2025 13:05:01 GMT etag: W/"F511F3F31CDF3FE76C3162946FA32D91" content-type: text/javascript vary: Accept-Encoding content-length: 2256 age: 5040 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (95)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML