Report - 14td.com/arttypehtml/15.html

Report Overview

Submitted URL
14td.com/arttypehtml/15.html
IP
38.48.222.73
ASN
#174 COGENT-174
Submitted
2023-02-04 02:23:44
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
16
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	718 B	3.8 kB	104.18.21.226
kmr.mjnbrt.xyz	unknown	2022-09-14T16:20:49Z	2023-02-24T07:52:52Z	376 B	85 kB	23.224.92.246
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	70 kB	34.120.237.76
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	367 B	1.9 kB	104.18.20.226
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	2.3 kB	24 kB	103.235.46.191
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	278 B	750 B	112.34.113.148
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-13T05:14:15Z	2.1 kB	7.3 kB	172.64.155.188
jmrtd.loispp.com	unknown	2023-01-14T10:51:31Z	2023-02-22T04:52:04Z	1.5 kB	13 kB	23.224.88.179
kmopoer.jkbuymjhp.xyz	unknown	2023-02-04T02:48:25Z	2023-02-04T02:48:25Z	1.2 kB	881 B	23.224.88.178
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	95.101.11.115
img.jialiimg.com	269179	2021-08-22T15:32:15Z	2023-03-09T14:52:39Z	10 kB	1.5 MB	108.186.171.14
cdn.jqueryapi.org	unknown	2023-01-11T23:00:40Z	2023-03-11T18:23:30Z	377 B	773 B	104.21.14.242
14td.com	unknown	2015-03-25T08:00:46Z	2023-02-02T03:13:14Z	3.7 kB	215 kB	38.48.222.73
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.0 kB	2.9 kB	104.18.32.68
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.83.217.74
yaoji666.oss-cn-hongkong.aliyuncs.com	unknown	2022-07-13T01:48:19Z	2023-03-13T03:58:10Z	399 B	96 kB	47.75.19.46
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	331 B	114 B	112.34.113.148
poike.mkjmdsc.xyz	unknown	2023-01-12T06:02:34Z	2023-02-15T18:17:04Z	761 B	633 kB	23.224.92.245
hnrtg.iujkegbpo.xyz	unknown	2023-02-03T17:49:12Z	2023-02-08T18:02:11Z	1.2 kB	881 B	192.151.200.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-04 02:24:04	high	38.48.222.73	Client IP	ET HUNTING Possible Obfuscator io JavaScript Obfuscation
2023-02-04 02:24:06	low	23.224.88.179	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-02-04 02:24:06	low	23.224.88.179	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-02-04 02:24:08	medium	23.224.92.245	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2023-02-04 02:24:08	medium	23.224.92.245	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2023-02-04 02:24:08	low	192.151.200.35	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.xyz)
2023-02-04 02:24:08	low	192.151.200.35	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-02-04 02:24:08	low	23.224.88.98	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.xyz)
2023-02-04 02:24:08	low	23.224.88.98	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-02-04 02:24:08	low	23.224.88.98	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.xyz)
2023-02-04 02:24:08	low	23.224.88.98	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-02-04 02:24:09	low	23.224.88.178	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.xyz)
2023-02-04 02:24:09	low	23.224.88.178	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-02-04 02:24:12	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-04 02:24:12	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-04 02:24:12	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-19
Pretty URL push.zhanzhang.baidu.com/push.js IP 112.34.113.148 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 12:08:45 Times Seen18958 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	14td.com/bbvip/top.js	297 B	2023-03-13	2023-03-13
Pretty URL 14td.com/bbvip/top.js IP 38.48.222.73 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-13 16:28:33 Times Seen1 Hash 21db6ae954551c684e2bfa8a024ffdcf b7e8ab2642bc4c410580bf2d84f10e8a0b114794 9386037d0e6c870e6a11b39158b6309b9ada164b88a9d045f8ff222a00d8619c Loading...

	14td.com/bbvip/dibu.js	18 kB	2023-03-13	2023-03-14
Pretty URL 14td.com/bbvip/dibu.js IP 38.48.222.73 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 07:33:08 Times Seen1 Hash 2de1f4dcd91d44da5da5398389075d85 609e5259e842105be2a6e597553cc7339a212914 931129a0dbaf93b39718a4257200e63bb0380a3f5466e7d88e78914b60ab7746 Loading...

	14td.com/arttypehtml/15.html	404 B	2023-03-07	2024-04-18
Pretty URL 14td.com/arttypehtml/15.html IP 38.48.222.73 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 08:01:19 Times Seen2975 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	hm.baidu.com/hm.js?6e7a8c72268c6afc41c35af020bc56e4	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?6e7a8c72268c6afc41c35af020bc56e4 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:17:59 Last Seen2023-03-13 16:17:59 Times Seen1 Hash 3ed5d8b442f3e43dd1492ba684f73301 2d196328ef07533a87a0202784e12f38637c2bb8 44e1d0d6b63316a76c02a8ca0e4cd34141226e95d670c34acfb1c0a1f786311a Loading...

	hm.baidu.com/hm.js?5a2c1ff98e0d0fa12d09f218a1437bd7	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?5a2c1ff98e0d0fa12d09f218a1437bd7 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:17:59 Last Seen2023-03-13 16:17:59 Times Seen1 Hash 7877ccb017eecb8ac5d2fd8858ad51cd e5529ed47aaf41768fdc90b2e5f00a0d29494195 f007a99ac3e31eb4840914559b2abe2a29218e0c8bb294db84d70f464dde8851 Loading...

	jmrtd.loispp.com/k/157553	16 kB	2023-03-13	2023-03-13
Pretty URL jmrtd.loispp.com/k/157553 IP 23.224.88.179 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:17:59 Last Seen2023-03-13 16:17:59 Times Seen1 Hash db3214f55130cca27de429a9410ae3e9 d0650e3ac22740da3c5d3fdb8b335b977a5df865 b34d915bb6faa03bdad2924af7a008c2f4642ae33e384d69ba9afac29804aa52 Loading...

	14td.com/arttypehtml/15.html	39 B	2023-03-08	2023-11-23
Pretty URL 14td.com/arttypehtml/15.html IP 38.48.222.73 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:36:06 Last Seen2023-11-23 20:45:52 Times Seen35 Hash bdd2a1fe24f6293d8f8c933064d360f6 66a4e36f7a39deb436d392df667b0b2b928ce36b e46487d00ac62a152aaf25aad969d7883b2ce400b28898f864921ffd82655247 Loading...

	14td.com/bbvip/dh.js	1.2 kB	2023-03-13	2023-03-14
Pretty URL 14td.com/bbvip/dh.js IP 38.48.222.73 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash c8986d0167069b25ca27e6007312a4bb ac42efb92ac662d7466dd009d49a16f1e76ecc10 228983b121f9a3eef6d9e366981f84ee147ad8979c76c04208affb7d9bff4e37 Loading...

	14td.com/bbvip/zhong.js	0 B	2023-03-07	2024-04-19
Pretty URL 14td.com/bbvip/zhong.js IP 38.48.222.73 ASN #174 COGENT-174 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 15:16:29 Times Seen36961246 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jqueryapi.org/ajax/libs/jquery/3.6.1/jquery.js	81 B	2023-03-08	2024-03-30
Pretty URL cdn.jqueryapi.org/ajax/libs/jquery/3.6.1/jquery.js IP 104.21.14.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:22:19 Last Seen2024-03-30 23:54:43 Times Seen861 Hash a6c77b902824ed3efc0808b847e970af e879b4afd66a83538b7294079fc26eb75d3ff3c7 0aca640a180911e0bc24422cc117785a06bbe5d4ecceaa99a3c85c055a1aa79b Loading...

	jmrtd.loispp.com/k/157554	16 kB	2023-03-13	2023-03-13
Pretty URL jmrtd.loispp.com/k/157554 IP 23.224.88.179 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:17:59 Last Seen2023-03-13 16:17:59 Times Seen1 Hash 3c49346ef3734280964cc1c724fd4131 a8491d5e541f71ca49254e2f5d7a8539672bac08 e5019d366d83619509626507426293a46c8b9d73d05ca6c69e563ac6d4a74fcb Loading...

		Size	First Seen	Last Seen
	#1 Write - 24aeea9a8f58a6d74205cbef5b3b4ac9	86 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash 24aeea9a8f58a6d74205cbef5b3b4ac9 f74809c3238e7534892a31b37fb791889720c679 288b7aaf2991337c7f6b59940395714c792e948dffcdad924831c9649b6d50e7 Loading...

	#2 Write - 2cd15ad9a44969cc3070c1dd9db3cf0b	8 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 16:17:59 Last Seen2023-03-13 16:17:59 Times Seen1 Hash 2cd15ad9a44969cc3070c1dd9db3cf0b de3e66f9926691dad1b6b9d8ca5c7237d0c18010 15e388ab5f4fc671e004bbb0cfbe9f7de41a24b2a51ddb7cb3efccb12d8b1d01 Loading...

	#3 Write - 8477c351e9992c80fe3fba5c59aaee8b	65 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash 8477c351e9992c80fe3fba5c59aaee8b 575a10f8a99f458b3df211d57a2f940d23ba2692 16df17578656eea37f46952234efba7cdb7f071e1e3228e89ef0b03c36fd28c1 Loading...

	#4 Write - 24525cf20ea0ef6528cd015a2e0abe23	84 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash 24525cf20ea0ef6528cd015a2e0abe23 bd2ca75f593dd24bdcdaffbee8a21952a04d14a9 728c74e22b98639614e336f689b29e0fc428bed68e27feb8947747395fcb48be Loading...

	#5 Write - e506e794b6b77f75ef3461cfc9cd1a17	80 B	2023-03-12	2023-07-20
Pretty Observations First Seen2023-03-12 20:48:26 Last Seen2023-07-20 23:10:39 Times Seen5 Hash e506e794b6b77f75ef3461cfc9cd1a17 55481e7a7148122a4df7eb43ed9b5d700b742a85 27a49622edaa2dfa2855b28ad6947a5cfae5a308096b54927197f7ff80266e15 Loading...

	#6 Write - c8af499bcdfcb9e8d4d9a44638442203	82 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash c8af499bcdfcb9e8d4d9a44638442203 4d8507c83a8e0817b2f48983802af62a954cb698 b49ff73d2de8f94a50a6cdced8946d747bd09723fb8bc3b1fcf3c6244b8e6539 Loading...

	#7 Write - 8c76b36735268db7f263f564eb3ac4d1	86 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash 8c76b36735268db7f263f564eb3ac4d1 8a6d14568be7fa473ed52caf78bf899be324f9c7 95d0dda0e3eca951cf25ac59fa535cf4379c03c5e3c9b748b920c17e9f115436 Loading...

	#8 Write - ee2e4dad4833815fbb7d7ed5f3dd616a	88 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash ee2e4dad4833815fbb7d7ed5f3dd616a 4d8b1913862e323b61d399d474eb484affc9bb7c 8da6899232f236ec39380b3fa6979cf87df2461e30e205e2add32130a1b55ae1 Loading...

	#9 Write - 0d1cd71f8687e5e213e00fd827b714f6	88 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash 0d1cd71f8687e5e213e00fd827b714f6 718e9bef604c366c3cec54af0138943bae7825ab bab949b6dd67158ed9b6aaae398bb840c72020ab8ffc8fdced1d1138ee5da6a5 Loading...

	#10 Write - 78f621fcf42c5efb0642cfb661cb5509	6 B	2023-03-07	2024-02-16
Pretty Observations First Seen2023-03-07 01:10:40 Last Seen2024-02-16 23:48:25 Times Seen226 Hash 78f621fcf42c5efb0642cfb661cb5509 feb02beb84d0ef329b7f0b5779ea11ccb811d078 0fc51e438575274db5e7f8d84e4f448b25755edd08ca9bf2c9244abcd9ccfe09 Loading...

	#11 Write - b963d8363c925e93b4b1f6f0210da892	120 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash b963d8363c925e93b4b1f6f0210da892 e77800124e2da60e07c8770fc31f7d8565cfd320 dd9a78605b78d351cc50e8de718c337c3a22628ad21490f1344f668ce1fc2f81 Loading...

	#12 Write - a9a9630c4af0682e0e5d7047608857a3	88 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash a9a9630c4af0682e0e5d7047608857a3 7357076677c4be2a0278e39dba20d383517db5a1 55630f9bc7e1629f4ae7dc45db62dcdd8cf7e302fe7cc248b70c37f36fa8c219 Loading...

	#13 Write - cb8c3fc7bf36399197ad61b07edd1ec6	7 B	2023-03-07	2024-02-16
Pretty Observations First Seen2023-03-07 01:03:56 Last Seen2024-02-16 23:48:24 Times Seen400 Hash cb8c3fc7bf36399197ad61b07edd1ec6 ecc06bb652f7d413b361feaa978d0b6a18daff87 177cd245b4583b6b7938467940dcbb1830940e942b8c17117c44909c260ae8de Loading...

	#14 Write - b448f700971a02f6842427f32db97dde	170 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash b448f700971a02f6842427f32db97dde 693d0c9ac00c3b22a7f91b6615bf8254c8e3beb1 18fe1e636d662f0e4b3049b5dfda90584d7a62cc08e4f68c0c3c36346a7588af Loading...

	#15 Write - a4bd6c62902ddd85adf60bc49cde632b	82 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 08:02:02 Last Seen2023-03-14 14:02:22 Times Seen1 Hash a4bd6c62902ddd85adf60bc49cde632b 52517cbe7b9591576ec3c1626b172b552dd0473a d018980382326f77d4bef70b38559931ed4de5957a3cc3976a8d983d9f8206e2 Loading...

HTTP Transactions (86)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4900
Expires: Sat, 04 Feb 2023 03:45:09 GMT
Date: Sat, 04 Feb 2023 02:23:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11837
Expires: Sat, 04 Feb 2023 05:40:46 GMT
Date: Sat, 04 Feb 2023 02:23:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 01:43:35 GMT
content-type: application/json
age: 2394
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8284
Expires: Sat, 04 Feb 2023 04:41:33 GMT
Date: Sat, 04 Feb 2023 02:23:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kwO0DHhVaf7JAFmEL6M+ym9Hxg8W+YNECI8ZbYW+yiuWnqz1Kt4phBqRdM63up1ehAu372u9QMI=
x-amz-request-id: X0D2EBG26AKA0444
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 01:23:48 GMT
age: 3581
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

14td.com/arttypehtml/15.html

38.48.222.73

200 OK

4.8 kB

URL HTTP/1.1
14td.com/arttypehtml/15.html
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (316), with CRLF line terminators
Size
4.8 kB (4802 bytes)
Hash
adbc2be7c6f1012718ab16c874b8e788
d8c8d320cc7acceb08ebd8b6d290f88535b65958
a471bb74f16d28d72ab4e7bd4ba0f94c010a69beb093770ec11711f7857c77f5

HTTP Headers

GET /arttypehtml/15.html HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 23:08:07 GMT
Accept-Ranges: bytes
ETag: "80a5fc3b7f24d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:41 GMT
Content-Length: 4802

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

14td.com/bbvip/dh.js

38.48.222.73

200 OK

1.2 kB

URL HTTP/1.1
14td.com/bbvip/dh.js
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.2 kB (1155 bytes)
Hash
50fa278bba5e797288d75804f419b6ff
ef5b51929666ff6c5b6a356bd44db43af4f7c54c
208541f13d00bd8095b94c946dadce7c1d62253e686ea05ca4c4ea7e1dd499f3

HTTP Headers

GET /bbvip/dh.js HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 26 Jan 2023 13:02:30 GMT
Accept-Ranges: bytes
ETag: "9d7fbe728631d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:41 GMT
Content-Length: 1155

14td.com/bbvip/top.js

38.48.222.73

200 OK

300 B

URL HTTP/1.1
14td.com/bbvip/top.js
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
300 B (300 bytes)
Hash
708be12e8049710d902bd82c598447c2
6e19acf89f232e8fa9b315bfb1d94487d5821ca8
7b501cd5ccd0667d321514c2d3b35a60b9a70d10d093c80f8cf2cf2a8d867f17

HTTP Headers

GET /bbvip/top.js HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 26 Jan 2023 13:07:05 GMT
Accept-Ranges: bytes
ETag: "5406f168731d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:41 GMT
Content-Length: 300

14td.com/bbvip/zhong.js

38.48.222.73

200 OK

0 B

URL HTTP/1.1
14td.com/bbvip/zhong.js
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bbvip/zhong.js HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 26 Jan 2023 12:43:57 GMT
Accept-Ranges: bytes
ETag: "83bf1edb8331d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:41 GMT
Content-Length: 0

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bfd200cfedf9d5e66bf4a3c8b402e219
70c0f97f1bb75c6676f184e197a0d0b7331ba363
33efd3e3eea2317308561d9a1ef96fda3a0bce0629b42df5eedcf18085a79c84

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 10:55:25 GMT
Expires: Thu, 09 Feb 2023 10:55:24 GMT
Etag: "70c0f97f1bb75c6676f184e197a0d0b7331ba363"
Cache-Control: max-age=462113,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1d7e906b51d-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 01:49:07 GMT
age: 2063
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
bfd200cfedf9d5e66bf4a3c8b402e219
70c0f97f1bb75c6676f184e197a0d0b7331ba363
33efd3e3eea2317308561d9a1ef96fda3a0bce0629b42df5eedcf18085a79c84

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 10:55:25 GMT
Expires: Thu, 09 Feb 2023 10:55:24 GMT
Etag: "70c0f97f1bb75c6676f184e197a0d0b7331ba363"
Cache-Control: max-age=462113,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1d7f9c1b51b-OSL

14td.com/template/default/css/zui.css

38.48.222.73

200 OK

98 kB

URL HTTP/1.1
14td.com/template/default/css/zui.css
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
assembler source, Unicode text, UTF-8 (with BOM) text
Size
98 kB (98414 bytes)
Hash
b4e91bd9a938fd18d073ee85ce760801
0df5c722d6695af08d867f851a73b5c5017f2e58
88605c26a731c626ad17d810332f14788d14049ddea597b75d5df0d08008428f

HTTP Headers

GET /template/default/css/zui.css HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Sun, 24 Apr 2022 03:43:58 GMT
Accept-Ranges: bytes
ETag: "303e8c878d57d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:41 GMT
Content-Length: 98414

14td.com/template/default/css/ate.css

38.48.222.73

200 OK

76 kB

URL HTTP/1.1
14td.com/template/default/css/ate.css
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
ASCII text, with CRLF line terminators
Size
76 kB (75492 bytes)
Hash
b49992e1f195c8a7fae8874c7484979d
d061a88013db4f88c6e518f5a9aa17a308dee2f1
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

HTTP Headers

GET /template/default/css/ate.css HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 12:25:47 GMT
Accept-Ranges: bytes
ETag: "f4f413ee7a55d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:41 GMT
Content-Length: 75492

14td.com/bbvip/dibu.js

38.48.222.73

200 OK

18 kB

URL HTTP/1.1
14td.com/bbvip/dibu.js
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (10660), with CRLF line terminators
Size
18 kB (18522 bytes)
Hash
edb1fe46980559b55217a7fa1739dc72
afe1c8f18713188ac59a3dbe194bc220f735281d
50de942133c0f87756a9e0f6951e66b7358c1d289e9b7adfaf6cfc7fadc56432

Detections

NIDS	Severity	Alert
suricata	high	ET HUNTING Possible Obfuscator io JavaScript Obfuscation

HTTP Headers

GET /bbvip/dibu.js HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 26 Jan 2023 13:08:28 GMT
Accept-Ranges: bytes
ETag: "27a32e488731d91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:41 GMT
Content-Length: 18522

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5566
Expires: Sat, 04 Feb 2023 03:56:16 GMT
Date: Sat, 04 Feb 2023 02:23:30 GMT
Connection: keep-alive

img.jialiimg.com/upload/vod/20220614-1/c1d5051b75dca5c627d8f4336a6c8f1c.jpg

108.186.171.14

200 OK

9.5 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220614-1/c1d5051b75dca5c627d8f4336a6c8f1c.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.5 kB (9548 bytes)
Hash
0654e4de97d6a2ae3ad9f44666cdc882
50e1e58c9da488f0cba51ed0c93553ba4f8e8449
9148e63d61befdb838672151e37ae50739f0efa8b2670606be6883d669ec9ab8

HTTP Headers

GET /upload/vod/20220614-1/c1d5051b75dca5c627d8f4336a6c8f1c.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 9548
last-modified: Mon, 13 Jun 2022 23:41:06 GMT
etag: "62a7cb12-254c"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/d336acdec43c5f9a92b791c38784693f.jpg

108.186.171.14

200 OK

9.9 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/d336acdec43c5f9a92b791c38784693f.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
1f132038b0a6a3d3390d138b77b5874e
7d6b2ea5ee636992138487cbed8abef02f172ae1
ef9f0d816f3c8d3bede785fbd46f9a93d27f79fb978c56ca28d93d4afa0dd313

HTTP Headers

GET /upload/vod/20230110-1/d336acdec43c5f9a92b791c38784693f.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 9914
last-modified: Mon, 09 Jan 2023 16:07:39 GMT
etag: "63bc3bcb-26ba"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

14td.com/template/default/ads/img/1.gif

38.48.222.73

200 OK

254 B

URL HTTP/1.1
14td.com/template/default/ads/img/1.gif
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
GIF image data, version 89a, 16 x 17\012- data
Size
254 B (254 bytes)
Hash
b013f8fa3ec997fe20dc80b82af0ad0a
e02ce6c30d5c0abfaa3e008d1a3ce7d11f299ed9
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

HTTP Headers

GET /template/default/ads/img/1.gif HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Thu, 21 Apr 2022 12:25:49 GMT
Accept-Ranges: bytes
ETag: "f47b36ef7a55d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:42 GMT
Content-Length: 254

14td.com/template/default/images/video-play.png

38.48.222.73

200 OK

1.6 kB

URL HTTP/1.1
14td.com/template/default/images/video-play.png
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

HTTP Headers

GET /template/default/images/video-play.png HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/template/default/css/zui.css

HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 21 Apr 2022 12:26:06 GMT
Accept-Ranges: bytes
ETag: "14e35ef97a55d81:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:42 GMT
Content-Length: 1567

14td.com/template/default/images/and.gif

38.48.222.73

200 OK

6.9 kB

URL HTTP/1.1
14td.com/template/default/images/and.gif
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
GIF image data, version 89a, 240 x 50\012- data
Size
6.9 kB (6879 bytes)
Hash
593da81b5a29b82b3eac9a2a88718d1f
c032abb8e5c2fb56b1efd2850fd722fcd055ab2c
50b5a246b2a79045f01b366e281ff46cdd20500adc017193f19083799dc0471c

HTTP Headers

GET /template/default/images/and.gif HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html

HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Tue, 03 Jan 2023 07:47:53 GMT
Accept-Ranges: bytes
ETag: "48d0e8af471fd91:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:42 GMT
Content-Length: 6879

img.jialiimg.com/upload/vod/20220614-1/d6af4b6e15d5a7ddb229a9b78dd24e2a.jpg

108.186.171.14

200 OK

12 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220614-1/d6af4b6e15d5a7ddb229a9b78dd24e2a.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (12020 bytes)
Hash
e1eae47f4252afbb2e0456afb1cd7ae2
c6a4b3004c34c2f7953aaf7618a8b26357e49a71
861c0d17f67447ca471473df093b354af14cbca17f01bb5bd145a677b16e35e1

HTTP Headers

GET /upload/vod/20220614-1/d6af4b6e15d5a7ddb229a9b78dd24e2a.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 12020
last-modified: Mon, 13 Jun 2022 23:41:06 GMT
etag: "62a7cb12-2ef4"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
f4307599a39fff4a4b8d858428d82f7d
f14f5498c7de9396337d4ae78dc739ed07eec146
1ddbfe0111454aab7227c59b81fbe83c78fb3a58e0e1ec905aa4e1322d274b36

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1DDBFE0111454AAB7227C59B81FBE83C78FB3A58E0E1EC905AA4E1322D274B36"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19482
Expires: Sat, 04 Feb 2023 07:48:13 GMT
Date: Sat, 04 Feb 2023 02:23:31 GMT
Connection: keep-alive

push.services.mozilla.com/

35.83.217.74

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.217.74:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nNmYFApEGnmG9HTYTBIv5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0QWZHgZVbM61VALwmVMs3aGCLw0=

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16605
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 02:23:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16605
Expires: Sat, 04 Feb 2023 07:00:16 GMT
Date: Sat, 04 Feb 2023 02:23:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 15490
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9500 bytes)
Hash
3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:59:51 GMT
age: 15820
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 15785
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7101 bytes)
Hash
41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1-NjCSeyrUAwvL2BDl1JXYK0WY0ze5FZz5-chZ6x2IEnDQBw9rEv6w==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:11:51 GMT
age: 15100
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14071 bytes)
Hash
9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 16585
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8267 bytes)
Hash
99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ThTL_OlFd4yMELCmSzH4ziqxa8gdYgAAbxLY9VZPVaIldOUkvFVF_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:43 GMT
age: 15048
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g3

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g3
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1461 bytes)
Hash
3e63294932da5a0aa358139a084618ce
57b9705f948d422df9aaea69b4169fed92383ea8
806ffbe8e830087ecef9f139ca6803727513eb82872306f5a06156b36fda15ae

HTTP Headers

POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 08 Feb 2023 00:00:12 GMT
ETag: "57b9705f948d422df9aaea69b4169fed92383ea8"
Last-Modified: Sat, 04 Feb 2023 00:00:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1696
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793ff1de19080b31-OSL

e1.o.lencr.org/

95.101.11.115

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
f4307599a39fff4a4b8d858428d82f7d
f14f5498c7de9396337d4ae78dc739ed07eec146
1ddbfe0111454aab7227c59b81fbe83c78fb3a58e0e1ec905aa4e1322d274b36

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1DDBFE0111454AAB7227C59B81FBE83C78FB3A58E0E1EC905AA4E1322D274B36"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19482
Expires: Sat, 04 Feb 2023 07:48:13 GMT
Date: Sat, 04 Feb 2023 02:23:31 GMT
Connection: keep-alive

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
a8c81baf0b7a23a8674edf8e4b93b4d8
582552acc30faeaa5024d22e57abb04b113c9284
ee7c5bb86c0af82f08ac8b499153fa8befaab2a9a243ffa1048384b96d9ac8c8

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 00:13:33 GMT
ETag: "582552acc30faeaa5024d22e57abb04b113c9284"
Last-Modified: Sat, 04 Feb 2023 00:13:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 773
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793ff1dfad060b59-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
a8c81baf0b7a23a8674edf8e4b93b4d8
582552acc30faeaa5024d22e57abb04b113c9284
ee7c5bb86c0af82f08ac8b499153fa8befaab2a9a243ffa1048384b96d9ac8c8

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 00:13:33 GMT
ETag: "582552acc30faeaa5024d22e57abb04b113c9284"
Last-Modified: Sat, 04 Feb 2023 00:13:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 773
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793ff1dfbe970b65-OSL

img.jialiimg.com/upload/vod/20220614-1/eda22c9a9af5ea5ded29158ca081eb37.jpg

108.186.171.14

200 OK

9.2 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220614-1/eda22c9a9af5ea5ded29158ca081eb37.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
9.2 kB (9194 bytes)
Hash
6c6685885d2b7c2b10641bb00c8707c3
dcf9d5a7e05fc3660082f231ac001f588e41bb05
92230a646205e2ac424a0520eb8f4c8a2899cfd3cd82dd99ffb7443a60c765d8

HTTP Headers

GET /upload/vod/20220614-1/eda22c9a9af5ea5ded29158ca081eb37.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 9194
last-modified: Mon, 13 Jun 2022 23:41:06 GMT
etag: "62a7cb12-23ea"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/4af168ef740a008b1c9483393ccdf849.jpg

108.186.171.14

200 OK

7.8 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/4af168ef740a008b1c9483393ccdf849.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.8 kB (7823 bytes)
Hash
d9f1d493757adcdf18ebbe8bcefe6312
ae39351b0d97f70caae6243509dd3af3cca550f0
24adef8447bc6067068b1d6b2d1d159043c6d928fa1052f892f69ae4e962d908

HTTP Headers

GET /upload/vod/20230110-1/4af168ef740a008b1c9483393ccdf849.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 7823
last-modified: Mon, 09 Jan 2023 16:08:12 GMT
etag: "63bc3bec-1e8f"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/bc74c69c520cacc42d4b51c9c555b614.jpg

108.186.171.14

200 OK

8.4 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/bc74c69c520cacc42d4b51c9c555b614.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density -11439x-24968, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
8.4 kB (8431 bytes)
Hash
c5dd82e1edde74c43e2a157613ecdb63
f2694472e1b3e915685feb0f27a6456e613440c7
c18424d352de397556fae24eecbdd1bbf39968fb71c70d08a186587a22224596

HTTP Headers

GET /upload/vod/20230110-1/bc74c69c520cacc42d4b51c9c555b614.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 8431
last-modified: Mon, 09 Jan 2023 16:08:12 GMT
etag: "63bc3bec-20ef"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/688279a3fee32c36fd8b2e45b3793a8c.jpg

108.186.171.14

200 OK

10 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/688279a3fee32c36fd8b2e45b3793a8c.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (10106 bytes)
Hash
bc8df03124c50891d2d913ec65a960c4
07ba0232e20cbcc6a13ee35d99451fdfb31f425a
398857e44473c932fbda24f88a0c323575d06fedd1fc76a50c7f1613d1974344

HTTP Headers

GET /upload/vod/20230110-1/688279a3fee32c36fd8b2e45b3793a8c.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 10106
last-modified: Mon, 09 Jan 2023 16:08:12 GMT
etag: "63bc3bec-277a"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/2059a32dc53dc41bcce5a1a55207a0b3.jpg

108.186.171.14

200 OK

5.6 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/2059a32dc53dc41bcce5a1a55207a0b3.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
5.6 kB (5622 bytes)
Hash
15150430882fe5b0fdee789662036ffb
121bd0f83dc0c1fe0b237528dac1bd1e627c7efb
0755789b4d59e2852dd24af60a68f0f0a32ab6f804087d838d862bfca2881b48

HTTP Headers

GET /upload/vod/20230110-1/2059a32dc53dc41bcce5a1a55207a0b3.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 5622
last-modified: Mon, 09 Jan 2023 16:08:12 GMT
etag: "63bc3bec-15f6"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/28a2fb3a509db11941ec3297a9eb3215.jpg

108.186.171.14

200 OK

7.7 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/28a2fb3a509db11941ec3297a9eb3215.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.7 kB (7702 bytes)
Hash
c3a6c4ad8d6143854c7b38788c077db4
e668f40a2488f6e37f8e94bd2c69f2b8c0a4d7eb
c8f0aa2de65765270b55bf679f44474b5e807ccfdca2a2624cafda86e5cc4d4f

HTTP Headers

GET /upload/vod/20230110-1/28a2fb3a509db11941ec3297a9eb3215.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 7702
last-modified: Mon, 09 Jan 2023 16:08:12 GMT
etag: "63bc3bec-1e16"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/b53e961f9b51437ee5b3e4ae1e7d61a7.jpg

108.186.171.14

200 OK

6.8 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/b53e961f9b51437ee5b3e4ae1e7d61a7.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
6.8 kB (6843 bytes)
Hash
d439375e4de579229b7ca6835e165fa8
fcfd90cfdb8fad68610322e787b4a4f5a91f40e3
12f6269750176fe6c2985cd4e230b18129ec283d3de656a32034f8e223e8ed76

HTTP Headers

GET /upload/vod/20230110-1/b53e961f9b51437ee5b3e4ae1e7d61a7.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 6843
last-modified: Mon, 09 Jan 2023 16:08:12 GMT
etag: "63bc3bec-1abb"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/5c1eba01b6c16828d9619e0180f6265b.jpg

108.186.171.14

200 OK

10 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/5c1eba01b6c16828d9619e0180f6265b.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
10 kB (9953 bytes)
Hash
bc16ee57ef004124a5e4781b9c376557
11daa7412f245336b75931c17e418e82160d7002
dee9e22b6a75e3f9c1642751d7a488a8999be191b8a8ba1666a16f90a544bb62

HTTP Headers

GET /upload/vod/20230110-1/5c1eba01b6c16828d9619e0180f6265b.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 9953
last-modified: Mon, 09 Jan 2023 16:08:12 GMT
etag: "63bc3bec-26e1"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230103-1/ed609e13dd4fba9b0ada1747614394f8.jpg

108.186.171.14

200 OK

7.7 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230103-1/ed609e13dd4fba9b0ada1747614394f8.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
7.7 kB (7693 bytes)
Hash
5a2c45837759b8203502202f873fed26
0b8c366556a7661ccb1dbed9bed95c68228205a1
d7a3b16f3c54a7ac4a38d9eeba7df1de3d7518a5f409089eea6deb73cf81bc4a

HTTP Headers

GET /upload/vod/20230103-1/ed609e13dd4fba9b0ada1747614394f8.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 7693
last-modified: Mon, 02 Jan 2023 16:04:34 GMT
etag: "63b30092-1e0d"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20220614-1/97641feb821cc6eae8e48ffd87ab3f6e.jpg

108.186.171.14

200 OK

9.5 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220614-1/97641feb821cc6eae8e48ffd87ab3f6e.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
9.5 kB (9508 bytes)
Hash
956bcdca35d25d19ed5b66337d6207e7
ebe391ad9bfda40be60b6756f17e1ea30b28d3ef
0e9b035e689be3c918d7db202d89d58cb81dc67e08e5ef2e8a2979b4ec88e824

HTTP Headers

GET /upload/vod/20220614-1/97641feb821cc6eae8e48ffd87ab3f6e.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 9508
last-modified: Mon, 13 Jun 2022 23:41:06 GMT
etag: "62a7cb12-2524"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20220614-1/ec80186ffeea9dbded6365492746f9fe.jpg

108.186.171.14

200 OK

15 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220614-1/ec80186ffeea9dbded6365492746f9fe.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 45x34, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Size
15 kB (15303 bytes)
Hash
8b7dfa6e8059a25cef07dac3597ea5c9
48375666f3696a511666f5ac042651d2fa59ec5f
28c9d4a521a5ab4ac7ef6a04a80f64b4aa998f7ce684fda3be75634ba422eaa7

HTTP Headers

GET /upload/vod/20220614-1/ec80186ffeea9dbded6365492746f9fe.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 15303
last-modified: Mon, 13 Jun 2022 23:41:06 GMT
etag: "62a7cb12-3bc7"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20220614-1/37c87b67cf878d15db9165b8e87ef0d9.jpg

108.186.171.14

200 OK

12 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220614-1/37c87b67cf878d15db9165b8e87ef0d9.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 320x240, components 3\012- data
Size
12 kB (11550 bytes)
Hash
fd2e90757c85bc971024a066777f3a68
d8339e9eb1f20d97a212fe928f320647266aa65a
8f1ef2d7d2011e169cfaad7b537e680035cf28490cf199fc38ff1eec589d1a2c

HTTP Headers

GET /upload/vod/20220614-1/37c87b67cf878d15db9165b8e87ef0d9.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 11550
last-modified: Mon, 13 Jun 2022 23:41:06 GMT
etag: "62a7cb12-2d1e"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20220614-1/ecc7d5cb24dd7fb25ddd035ccbfa96f1.jpg

108.186.171.14

200 OK

9.6 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220614-1/ecc7d5cb24dd7fb25ddd035ccbfa96f1.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Size
9.6 kB (9572 bytes)
Hash
6803e3b74529d61cdb71849c8cccd6a6
45d538fca42b99ea10512784d100e53a8be85cae
b127f5d3246eb16d76647e8c473c8cdba0cc27af3c5af4c0551beeb10fd9d4f4

HTTP Headers

GET /upload/vod/20220614-1/ecc7d5cb24dd7fb25ddd035ccbfa96f1.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 9572
last-modified: Mon, 13 Jun 2022 23:41:06 GMT
etag: "62a7cb12-2564"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20220816-1/4feeef081001b2bd77218f67b9e6fa42.jpg

108.186.171.14

200 OK

96 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220816-1/4feeef081001b2bd77218f67b9e6fa42.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size
96 kB (95859 bytes)
Hash
14a34c9a58d66a991565fc6e90992db8
6c718cab64a97626805fb7714e1ba8660f821b5d
e64254a5427095e5e98791bc930417b16035a20d12ffa1fbd00acf5645f9aa63

HTTP Headers

GET /upload/vod/20220816-1/4feeef081001b2bd77218f67b9e6fa42.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 95859
last-modified: Mon, 15 Aug 2022 16:32:02 GMT
etag: "62fa7502-17673"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20220817-1/ebf3529ecdd73be9c60fb13ee4d94880.jpg

108.186.171.14

200 OK

169 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220817-1/ebf3529ecdd73be9c60fb13ee4d94880.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size
169 kB (168551 bytes)
Hash
97b4eadd06de9385938264c8ad74ff6a
6421ff0be59a57d5fd6540acc39bbfab37e7f74b
5341febf2e8dc6fcff96d0a165c14be016ab3a91582c79235024c938cb462547

HTTP Headers

GET /upload/vod/20220817-1/ebf3529ecdd73be9c60fb13ee4d94880.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 168551
last-modified: Tue, 16 Aug 2022 18:08:29 GMT
etag: "62fbdd1d-29267"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/9f0a4bbe1d927956682921d1ad69d945.jpg

108.186.171.14

200 OK

171 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/9f0a4bbe1d927956682921d1ad69d945.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Intel(R) JPEG Library, version [1.51.13.45]", baseline, precision 8, 680x453, components 3\012- data
Size
171 kB (171063 bytes)
Hash
2cb624bf61fb2834ba8bfa0b2f8c5ee5
7d238e3c2fa7db133fc8a3b80132f9bf80172d7a
ec6a5c09260e72cf13d4a04156dfa541cc782a6ccadac79e973adc4d4569497e

HTTP Headers

GET /upload/vod/20230110-1/9f0a4bbe1d927956682921d1ad69d945.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 171063
last-modified: Mon, 09 Jan 2023 16:08:18 GMT
etag: "63bc3bf2-29c37"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/26c8f6334801cce89d307852699bb4cf.jpg

108.186.171.14

200 OK

177 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/26c8f6334801cce89d307852699bb4cf.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=PhotoScape, datetime=2022:01:19 16:45:16], baseline, precision 8, 680x453, components 3\012- data
Size
177 kB (177134 bytes)
Hash
920b1a95b3003fda4e1b45c2a214a3ef
5e84546d62932b60d65a17fd11d03892edaea813
2b2b88baa6c0f607b536f613a1097444c1aea6b0660cd4418d65d7f71c6fe331

HTTP Headers

GET /upload/vod/20230110-1/26c8f6334801cce89d307852699bb4cf.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 177134
last-modified: Mon, 09 Jan 2023 16:08:21 GMT
etag: "63bc3bf5-2b3ee"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?6e7a8c72268c6afc41c35af020bc56e4

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?6e7a8c72268c6afc41c35af020bc56e4
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (620)
Size
11 kB (11258 bytes)
Hash
9beef9d2c109c1d4fe3e7fa49f19ffbd
a0057c28f8fe042e1b33f67ffc4ace233ef85293
1ccff7272ca7188cbcfb90bbbffca9df35b77698a39a68ba212dc6c2a874b74c

HTTP Headers

GET /hm.js?6e7a8c72268c6afc41c35af020bc56e4 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 02:23:32 GMT
Etag: 71a72c4d413f62df7f63d1c3318ff9e3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B42BA57D83F143E1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

img.jialiimg.com/upload/vod/20221015-1/ea2cd6476dd83aecb5f5da2bce8837c2.jpg

108.186.171.14

200 OK

187 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20221015-1/ea2cd6476dd83aecb5f5da2bce8837c2.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=PhotoScape, datetime=2022:03:30 15:28:00], baseline, precision 8, 680x453, components 3\012- data
Size
187 kB (187364 bytes)
Hash
4fdbe51078c497e4c3875609d18ea18a
06c924c5ad8a4c03bf9fea84484c77d7a67d9c7d
f2246ab6c8869f30a722defaa1d2b7aff56799c4b86d4deeead49efb263d7272

HTTP Headers

GET /upload/vod/20221015-1/ea2cd6476dd83aecb5f5da2bce8837c2.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 187364
last-modified: Fri, 14 Oct 2022 16:31:30 GMT
etag: "63498ee2-2dbe4"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/5ca47c8431b9eaed6b520e37a5a95608.jpg

108.186.171.14

200 OK

192 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/5ca47c8431b9eaed6b520e37a5a95608.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size
192 kB (192045 bytes)
Hash
7a63f935095ba4f1073b7d4d7d75d506
6f6991059aa9ab84dddfaf35818cd3526bec6871
368ea1e6d96098c9534e64c6d4bc7f715a904b837b32841cc6aa397c6083b309

HTTP Headers

GET /upload/vod/20230110-1/5ca47c8431b9eaed6b520e37a5a95608.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 192045
last-modified: Mon, 09 Jan 2023 16:08:18 GMT
etag: "63bc3bf2-2ee2d"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20220818-1/2b201648420d9fa8ec110dfd24abd38b.jpg

108.186.171.14

200 OK

190 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20220818-1/2b201648420d9fa8ec110dfd24abd38b.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size
190 kB (189960 bytes)
Hash
72911023714f1a27da3b68553c2e7fde
3039f0f74cf73e6f2c56e7a41e16ce6f1808ab31
26f6d7476eb4d42ca496008032f2121b10917160a60e4afb6904e5a94b7fc39d

HTTP Headers

GET /upload/vod/20220818-1/2b201648420d9fa8ec110dfd24abd38b.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 189960
last-modified: Wed, 17 Aug 2022 16:20:50 GMT
etag: "62fd1562-2e608"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

img.jialiimg.com/upload/vod/20230110-1/8e1d6c67eb6f80520031072da9533d49.jpg

108.186.171.14

200 OK

199 kB

URL HTTP/2
img.jialiimg.com/upload/vod/20230110-1/8e1d6c67eb6f80520031072da9533d49.jpg
IP
108.186.171.14:0
ASN
#54600 PEGTECHINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 680x453, components 3\012- data
Size
199 kB (198565 bytes)
Hash
2be340fabed99783383943a7a3fbc08c
73b5538dd74a9b33628a04936197e7d6758522a7
4fc08386e4f644d935dfc788043977d93fa269a14d00cb017f28ffd6267555a0

HTTP Headers

GET /upload/vod/20230110-1/8e1d6c67eb6f80520031072da9533d49.jpg HTTP/1.1
Host: img.jialiimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 02:23:50 GMT
content-type: image/jpeg
content-length: 198565
last-modified: Mon, 09 Jan 2023 16:08:22 GMT
etag: "63bc3bf6-307a5"
expires: Mon, 06 Mar 2023 02:23:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif

47.75.19.46

200 OK

96 kB

URL HTTP/1.1
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/960X60.gif
IP
47.75.19.46:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 960 x 60\012- data
Size
96 kB (95856 bytes)
Hash
57557d6b489d522d480d9b82ce29db65
da2d3b35f0c9534e84e50310aeafe73173037315
4b96548579c0d9b380b10ce78bdb3e8edfd35e180519b319c6b1181e7b325952

HTTP Headers

GET /gg/960X60.gif HTTP/1.1
Host: yaoji666.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 04 Feb 2023 02:23:31 GMT
Content-Type: image/gif
Content-Length: 95856
Connection: keep-alive
x-oss-request-id: 63DDC1A38A23F73831216014
Accept-Ranges: bytes
ETag: "57557D6B489D522D480D9B82CE29DB65"
Last-Modified: Sat, 09 Jul 2022 12:37:07 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15928828585404051914
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
Content-MD5: V1V9a0idUi1IDZuCzinbZQ==
x-oss-server-time: 1

hm.baidu.com/hm.js?5a2c1ff98e0d0fa12d09f218a1437bd7

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?5a2c1ff98e0d0fa12d09f218a1437bd7
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
e2a66a71cfb7a451e7c1033bd4065e09
bec466656f3bf3d144d9c8df28a8d50df9fc117a
87241379291410ad3bec9fbe7c5681afeb366200321c983e1b7cd61311c9b5ef

HTTP Headers

GET /hm.js?5a2c1ff98e0d0fa12d09f218a1437bd7 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Sat, 04 Feb 2023 02:23:32 GMT
Etag: 90143420e1a91c98588c46bcbf8e6506
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E1EE7ACBD2B20180; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

push.zhanzhang.baidu.com/push.js

112.34.113.148

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
112.34.113.148:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Sat, 04 Feb 2023 02:23:32 GMT
Etag: "4078521116"
Expires: Sun, 04 Feb 2024 02:23:32 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=F7039E6A94FEB198FC52F850E2553344:FG=1; max-age=31536000; expires=Sun, 04-Feb-24 02:23:32 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1448375803&si=6e7a8c72268c6afc41c35af020bc56e4&v=1.3.0&lv=1&sn=9636&r=0&ww=1280&u=http%3A%2F%2F14td.com%2Farttypehtml%2F15.html&tt=%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E6%92%AD%E6%94%BE_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%89%B9%E7%BA%A7%E4%B8%80%E7%BA%A7A%E7%89%87_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E8%BF%9B%E5%85%A5

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1448375803&si=6e7a8c72268c6afc41c35af020bc56e4&v=1.3.0&lv=1&sn=9636&r=0&ww=1280&u=http%3A%2F%2F14td.com%2Farttypehtml%2F15.html&tt=%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E6%92%AD%E6%94%BE_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%89%B9%E7%BA%A7%E4%B8%80%E7%BA%A7A%E7%89%87_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E8%BF%9B%E5%85%A5
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1448375803&si=6e7a8c72268c6afc41c35af020bc56e4&v=1.3.0&lv=1&sn=9636&r=0&ww=1280&u=http%3A%2F%2F14td.com%2Farttypehtml%2F15.html&tt=%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E6%92%AD%E6%94%BE_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%89%B9%E7%BA%A7%E4%B8%80%E7%BA%A7A%E7%89%87_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E8%BF%9B%E5%85%A5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 02:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=20487EAF4007D02D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
d1141094f9eaefe6c8b70af80a2cc6f2
90ad497ef4efd303ca0bc0c3876df6397fa2651e
47c1b72f3e0dcd69ea1ff9e59290ec16a52143d4864af36c3440b2cec1714f40

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:33 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 22:07:25 GMT
Expires: Tue, 07 Feb 2023 22:07:24 GMT
Etag: "90ad497ef4efd303ca0bc0c3876df6397fa2651e"
Cache-Control: max-age=329630,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1e80d39b505-OSL

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
d1141094f9eaefe6c8b70af80a2cc6f2
90ad497ef4efd303ca0bc0c3876df6397fa2651e
47c1b72f3e0dcd69ea1ff9e59290ec16a52143d4864af36c3440b2cec1714f40

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:33 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 22:07:25 GMT
Expires: Tue, 07 Feb 2023 22:07:24 GMT
Etag: "90ad497ef4efd303ca0bc0c3876df6397fa2651e"
Cache-Control: max-age=329630,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1e83bc01c12-OSL

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=856267965&si=5a2c1ff98e0d0fa12d09f218a1437bd7&v=1.3.0&lv=1&sn=9637&r=0&ww=1280&u=http%3A%2F%2F14td.com%2Farttypehtml%2F15.html&tt=%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E6%92%AD%E6%94%BE_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%89%B9%E7%BA%A7%E4%B8%80%E7%BA%A7A%E7%89%87_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E8%BF%9B%E5%85%A5

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=856267965&si=5a2c1ff98e0d0fa12d09f218a1437bd7&v=1.3.0&lv=1&sn=9637&r=0&ww=1280&u=http%3A%2F%2F14td.com%2Farttypehtml%2F15.html&tt=%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E6%92%AD%E6%94%BE_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%89%B9%E7%BA%A7%E4%B8%80%E7%BA%A7A%E7%89%87_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E8%BF%9B%E5%85%A5
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=856267965&si=5a2c1ff98e0d0fa12d09f218a1437bd7&v=1.3.0&lv=1&sn=9637&r=0&ww=1280&u=http%3A%2F%2F14td.com%2Farttypehtml%2F15.html&tt=%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E6%92%AD%E6%94%BE_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%89%B9%E7%BA%A7%E4%B8%80%E7%BA%A7A%E7%89%87_%E6%AC%A7%E7%BE%8E%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%E8%BF%9B%E5%85%A5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Feb 2023 02:23:33 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=3BD4D9D1578E0B83; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

api.share.baidu.com/s.gif?l=http://14td.com/arttypehtml/15.html

112.34.113.148

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://14td.com/arttypehtml/15.html
IP
112.34.113.148:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://14td.com/arttypehtml/15.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 04 Feb 2023 02:23:33 GMT

jmrtd.loispp.com/k/157554

23.224.88.179

200 OK

6.2 kB

URL HTTP/1.1
jmrtd.loispp.com/k/157554
IP
23.224.88.179:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (1107)
Size
6.2 kB (6224 bytes)
Hash
e4e826c0882f050ce1b6787771109e7f
8ebf9eed70c9b84db78cec5995bb06ba860e1709
1ab449d95454c4952cc807832a0e3e113ee146f26d8c90e33b83bd4a7d5cfe4e

HTTP Headers

GET /k/157554 HTTP/1.1
Host: jmrtd.loispp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:33 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Server: fang
X-Cache-Status: MISS

jmrtd.loispp.com/k/157553

23.224.88.179

200 OK

6.2 kB

URL HTTP/1.1
jmrtd.loispp.com/k/157553
IP
23.224.88.179:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (1107)
Size
6.2 kB (6199 bytes)
Hash
7a21f3bb0d6445600eb6ee79f8459da6
72a2ab0b93fa028d04ad19918758fe7c26917f96
8b37e607c41249456093ebb06778d507fce046671f9be6d0228389c2776f527a

HTTP Headers

GET /k/157553 HTTP/1.1
Host: jmrtd.loispp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:33 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Encoding: gzip
Server: fang
X-Cache-Status: MISS

jmrtd.loispp.com/v2/stats/12226/157554

23.224.88.179

200 OK

0 B

URL HTTP/1.1
jmrtd.loispp.com/v2/stats/12226/157554
IP
23.224.88.179:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/stats/12226/157554 HTTP/1.1
Host: jmrtd.loispp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:34 GMT
Content-Length: 0
Connection: keep-alive
X-Cache: MISS
Server: fang
X-Cache-Status: MISS

jmrtd.loispp.com/v2/stats/12226/157553

23.224.88.179

200 OK

0 B

URL HTTP/1.1
jmrtd.loispp.com/v2/stats/12226/157553
IP
23.224.88.179:0
ASN
#40065 CNSERVERS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v2/stats/12226/157553 HTTP/1.1
Host: jmrtd.loispp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:34 GMT
Content-Length: 0
Connection: keep-alive
X-Cache: MISS
Server: fang
X-Cache-Status: MISS

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
25e3407adfa0ea49049d3c80b3cd3b59
601ffbd7c8e08481452c7058a24bb7863899718a
4206adca3289aeb76b31a1c6e29593f30556ee612eb8a0b91fca14dc1a15d51f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4206ADCA3289AEB76B31A1C6E29593F30556EE612EB8A0B91FCA14DC1A15D51F"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17983
Expires: Sat, 04 Feb 2023 07:23:17 GMT
Date: Sat, 04 Feb 2023 02:23:34 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
25e3407adfa0ea49049d3c80b3cd3b59
601ffbd7c8e08481452c7058a24bb7863899718a
4206adca3289aeb76b31a1c6e29593f30556ee612eb8a0b91fca14dc1a15d51f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4206ADCA3289AEB76B31A1C6E29593F30556EE612EB8A0B91FCA14DC1A15D51F"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 08:23:34 GMT
Date: Sat, 04 Feb 2023 02:23:34 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6d13ddeda8a07163b6f8ef0c639c9398
d5db5e5d290e2d15b359f13aa8b87de768b000c5
7510273cf82c90d4ee133b2446900e18640a592322479713237593241864988a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 16:07:45 GMT
Expires: Fri, 10 Feb 2023 16:07:44 GMT
Etag: "d5db5e5d290e2d15b359f13aa8b87de768b000c5"
Cache-Control: max-age=567249,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1f0ad88b51d-OSL

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
9417bdb765ff49bb1aa70a0144f25ed0
bfc069a201445826ffeff069fda15c959bf2e3d8
c0328a4e05c6321bfbfe28ec50b2dda2c538589df3ffcd18ddaa0547ffe4555c

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:35 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 16:47:42 GMT
Expires: Fri, 10 Feb 2023 16:47:41 GMT
Etag: "bfc069a201445826ffeff069fda15c959bf2e3d8"
Cache-Control: max-age=569645,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1f2c9f2b505-OSL

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
52338f9c02cdb7ee3872a3a97c7bc7b1
73b7d436274cfea95a89f378586c89ee1c7247d5
6a8ce6ba03615c41efa532dec8b5fe23c22328bc530de6f4058bd19633f85ce4

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 20:49:43 GMT
Expires: Tue, 07 Feb 2023 20:49:42 GMT
Etag: "73b7d436274cfea95a89f378586c89ee1c7247d5"
Cache-Control: max-age=324966,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1f4c8491c12-OSL

poike.mkjmdsc.xyz/kmopreytg/1.gif

23.224.92.245

200 OK

101 kB

URL HTTP/1.1
poike.mkjmdsc.xyz/kmopreytg/1.gif
IP
23.224.92.245:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 640 x 200\012- data
Size
101 kB (100857 bytes)
Hash
74d8032517a2d26d979c71930fd23287
5d8174fd54d0ba3ef5537ee9aac875ed30b254ad
f9f1f4de71954d970fb02654517e1987431c3b45b9bcdb66dc0a3522387d1ec9

HTTP Headers

GET /kmopreytg/1.gif HTTP/1.1
Host: poike.mkjmdsc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 04 Feb 2023 02:23:34 GMT
Content-Type: image/gif
Content-Length: 100857
Last-Modified: Sun, 15 Jan 2023 03:32:58 GMT
Connection: keep-alive
ETag: "63c373ea-189f9"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

14td.com/template/default/css/favicon.ico

38.48.222.73

200 OK

4.8 kB

URL HTTP/1.1
14td.com/template/default/css/favicon.ico
IP
38.48.222.73:0
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (316), with CRLF line terminators
Size
4.8 kB (4802 bytes)
Hash
adbc2be7c6f1012718ab16c874b8e788
d8c8d320cc7acceb08ebd8b6d290f88535b65958
a471bb74f16d28d72ab4e7bd4ba0f94c010a69beb093770ec11711f7857c77f5

HTTP Headers

GET /template/default/css/favicon.ico HTTP/1.1
Host: 14td.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://14td.com/arttypehtml/15.html
Cookie: Hm_lvt_6e7a8c72268c6afc41c35af020bc56e4=1675477446; Hm_lpvt_6e7a8c72268c6afc41c35af020bc56e4=1675477446; Hm_lvt_5a2c1ff98e0d0fa12d09f218a1437bd7=1675477447; Hm_lpvt_5a2c1ff98e0d0fa12d09f218a1437bd7=1675477447

HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Mon, 09 Jan 2023 23:08:07 GMT
Accept-Ranges: bytes
ETag: "80a5fc3b7f24d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 04 Feb 2023 02:23:46 GMT
Content-Length: 4802

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
52338f9c02cdb7ee3872a3a97c7bc7b1
73b7d436274cfea95a89f378586c89ee1c7247d5
6a8ce6ba03615c41efa532dec8b5fe23c22328bc530de6f4058bd19633f85ce4

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:35 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 20:49:43 GMT
Expires: Tue, 07 Feb 2023 20:49:42 GMT
Etag: "73b7d436274cfea95a89f378586c89ee1c7247d5"
Cache-Control: max-age=324966,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1f4cb0eb505-OSL

kmr.mjnbrt.xyz/mnrt/kmrr.png

23.224.92.246

200 OK

85 kB

URL HTTP/1.1
kmr.mjnbrt.xyz/mnrt/kmrr.png
IP
23.224.92.246:0
ASN
#40065 CNSERVERS

File type
PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced\012- data
Size
85 kB (84560 bytes)
Hash
3c80359bedd35432aea1539a1edcd122
62b0eb9a7eef9b048ab55e3e8d8486a43d5ef8db
74df8ccb6d42d5ee40aaffccd0246978eca881c260c8505afb9f71f85fe17ee2

HTTP Headers

GET /mnrt/kmrr.png HTTP/1.1
Host: kmr.mjnbrt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 04 Feb 2023 02:23:34 GMT
Content-Type: image/png
Content-Length: 84560
Last-Modified: Mon, 26 Dec 2022 07:36:05 GMT
Connection: keep-alive
ETag: "63a94ee5-14a50"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
374c2b8af4613f5fe2ba7d98432408b6
c6d1fd49a3dced8a45b1a41cb8a213e3276d3d7d
c7aefd5242fe0b2439ee141a06b80f7ddc4d02638520939c5c8e894ba871fc34

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:35 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 16:47:42 GMT
Expires: Fri, 10 Feb 2023 16:47:41 GMT
Etag: "c6d1fd49a3dced8a45b1a41cb8a213e3276d3d7d"
Cache-Control: max-age=569645,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793ff1f5f8a21c12-OSL

hnrtg.iujkegbpo.xyz/c.php?s=JnpvbmVpZD0xNTc1NTQmc2l0ZWlkPSZ1aWQ9MTIyMjYmYWRzaWQ9NTk2NDI3OCZwbGFuaWQ9MzAyNTUmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnFxLnNkY29oLmNvbSUyRjEuaHRtbCUzRmNoYW5uZWxDb2RlJTNEZmsyOSZ2dGltZT0yMDIzLTAyLTA0IDEwOjIzOjMzJmlwPTkxLjkwLjQyLjE1NA==;efbc4453b4a3d52bad8b30d32c6587b9;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGMTR0ZC5jb20lMkZhcnR0eXBlaHRtbCUyRjE1Lmh0bWwmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PSVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFNiU5MiVBRCVFNiU5NCVCRV8lRTYlQUMlQTclRTclQkUlOEUlRTklQkIlODQlRTglODklQjIlRTclODklQjklRTclQkElQTclRTQlQjglODAlRTclQkElQTdBJUU3JTg5JTg3XyVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFOCVCRiU5QiVFNSU4NSVBNSZsPWVuLVVTJmM9MSZoPTkzOQ==

192.151.200.35

200 OK

20 B

URL HTTP/1.1
hnrtg.iujkegbpo.xyz/c.php?s=JnpvbmVpZD0xNTc1NTQmc2l0ZWlkPSZ1aWQ9MTIyMjYmYWRzaWQ9NTk2NDI3OCZwbGFuaWQ9MzAyNTUmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnFxLnNkY29oLmNvbSUyRjEuaHRtbCUzRmNoYW5uZWxDb2RlJTNEZmsyOSZ2dGltZT0yMDIzLTAyLTA0IDEwOjIzOjMzJmlwPTkxLjkwLjQyLjE1NA==;efbc4453b4a3d52bad8b30d32c6587b9;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGMTR0ZC5jb20lMkZhcnR0eXBlaHRtbCUyRjE1Lmh0bWwmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PSVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFNiU5MiVBRCVFNiU5NCVCRV8lRTYlQUMlQTclRTclQkUlOEUlRTklQkIlODQlRTglODklQjIlRTclODklQjklRTclQkElQTclRTQlQjglODAlRTclQkElQTdBJUU3JTg5JTg3XyVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFOCVCRiU5QiVFNSU4NSVBNSZsPWVuLVVTJmM9MSZoPTkzOQ==
IP
192.151.200.35:0
ASN
#40065 CNSERVERS

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /c.php?s=JnpvbmVpZD0xNTc1NTQmc2l0ZWlkPSZ1aWQ9MTIyMjYmYWRzaWQ9NTk2NDI3OCZwbGFuaWQ9MzAyNTUmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRnFxLnNkY29oLmNvbSUyRjEuaHRtbCUzRmNoYW5uZWxDb2RlJTNEZmsyOSZ2dGltZT0yMDIzLTAyLTA0IDEwOjIzOjMzJmlwPTkxLjkwLjQyLjE1NA==;efbc4453b4a3d52bad8b30d32c6587b9;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGMTR0ZC5jb20lMkZhcnR0eXBlaHRtbCUyRjE1Lmh0bWwmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PSVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFNiU5MiVBRCVFNiU5NCVCRV8lRTYlQUMlQTclRTclQkUlOEUlRTklQkIlODQlRTglODklQjIlRTclODklQjklRTclQkElQTclRTQlQjglODAlRTclQkElQTdBJUU3JTg5JTg3XyVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFOCVCRiU5QiVFNSU4NSVBNSZsPWVuLVVTJmM9MSZoPTkzOQ== HTTP/1.1
Host: hnrtg.iujkegbpo.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Thu, 03-Aug-2023 02:23:35 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Sat, 11-Feb-2023 02:23:35 GMT; Max-Age=604800; path=/
12226_30255=re; expires=Sat, 04-Feb-2023 07:23:35 GMT; Max-Age=18000; path=/
do2click_30255=5964278%7C30255%7C12226%7C157554%7C; expires=Sat, 04-Feb-2023 05:23:35 GMT; Max-Age=10800; path=/
doEffect_30255=5964278%7C30255%7C12226%7C157554%7C; expires=Sat, 11-Feb-2023 02:23:35 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Content-Encoding: gzip
Server: fang
X-Cache-Status: MISS

poike.mkjmdsc.xyz/klnbjrtt/1.gif

23.224.92.245

200 OK

531 kB

URL HTTP/1.1
poike.mkjmdsc.xyz/klnbjrtt/1.gif
IP
23.224.92.245:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 640 x 200\012- data
Size
531 kB (531326 bytes)
Hash
58fc60204100422e412ce62f908aa00d
689dcac8f638dde92c856d02597908b3385c2af8
cb0071bf7d9d4f11d75e157403947d9607166f8b679696e52fa672505bed0c3d

HTTP Headers

GET /klnbjrtt/1.gif HTTP/1.1
Host: poike.mkjmdsc.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Tengine
Date: Sat, 04 Feb 2023 02:23:34 GMT
Content-Type: image/gif
Content-Length: 531326
Last-Modified: Mon, 26 Dec 2022 12:50:24 GMT
Connection: keep-alive
ETag: "63a99890-81b7e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes

kmopoer.jkbuymjhp.xyz/c.php?s=JnpvbmVpZD0xNTc1NTMmc2l0ZWlkPSZ1aWQ9MTIyMjYmYWRzaWQ9NTk1NTc5NiZwbGFuaWQ9MjkzOTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRm5zZXQuaWNxOGQuY29tJTJGMjMlMkYmdnRpbWU9MjAyMy0wMi0wNCAxMDoyMzozMyZpcD05MS45MC40Mi4xNTQ=;538224c083927d5c0bf88f968f0ec4a1;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGMTR0ZC5jb20lMkZhcnR0eXBlaHRtbCUyRjE1Lmh0bWwmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PSVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFNiU5MiVBRCVFNiU5NCVCRV8lRTYlQUMlQTclRTclQkUlOEUlRTklQkIlODQlRTglODklQjIlRTclODklQjklRTclQkElQTclRTQlQjglODAlRTclQkElQTdBJUU3JTg5JTg3XyVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFOCVCRiU5QiVFNSU4NSVBNSZsPWVuLVVTJmM9MSZoPTkzOQ==

23.224.88.178

200 OK

20 B

URL HTTP/1.1
kmopoer.jkbuymjhp.xyz/c.php?s=JnpvbmVpZD0xNTc1NTMmc2l0ZWlkPSZ1aWQ9MTIyMjYmYWRzaWQ9NTk1NTc5NiZwbGFuaWQ9MjkzOTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRm5zZXQuaWNxOGQuY29tJTJGMjMlMkYmdnRpbWU9MjAyMy0wMi0wNCAxMDoyMzozMyZpcD05MS45MC40Mi4xNTQ=;538224c083927d5c0bf88f968f0ec4a1;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGMTR0ZC5jb20lMkZhcnR0eXBlaHRtbCUyRjE1Lmh0bWwmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PSVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFNiU5MiVBRCVFNiU5NCVCRV8lRTYlQUMlQTclRTclQkUlOEUlRTklQkIlODQlRTglODklQjIlRTclODklQjklRTclQkElQTclRTQlQjglODAlRTclQkElQTdBJUU3JTg5JTg3XyVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFOCVCRiU5QiVFNSU4NSVBNSZsPWVuLVVTJmM9MSZoPTkzOQ==
IP
23.224.88.178:0
ASN
#40065 CNSERVERS

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET /c.php?s=JnpvbmVpZD0xNTc1NTMmc2l0ZWlkPSZ1aWQ9MTIyMjYmYWRzaWQ9NTk1NTc5NiZwbGFuaWQ9MjkzOTcmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRm5zZXQuaWNxOGQuY29tJTJGMjMlMkYmdnRpbWU9MjAyMy0wMi0wNCAxMDoyMzozMyZpcD05MS45MC40Mi4xNTQ=;538224c083927d5c0bf88f968f0ec4a1;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs1MDQ1MjYxNDk7TGludXggeDg2XzY0Ozs7MTY7MjQmaz0mc2U9MiZmPTAmdT1odHRwJTNBJTJGJTJGMTR0ZC5jb20lMkZhcnR0eXBlaHRtbCUyRjE1Lmh0bWwmaj0wJnA9MCZtPTAmcmVzPTEyODB4MTAyNCZ0PSVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFNiU5MiVBRCVFNiU5NCVCRV8lRTYlQUMlQTclRTclQkUlOEUlRTklQkIlODQlRTglODklQjIlRTclODklQjklRTclQkElQTclRTQlQjglODAlRTclQkElQTdBJUU3JTg5JTg3XyVFNiVBQyVBNyVFNyVCRSU4RSVFOSVCQiU4NCVFOCU4OSVCMiVFNyVCRCU5MSVFNyVBQiU5OSVFOCVCRiU5QiVFNSU4NSVBNSZsPWVuLVVTJmM9MSZoPTkzOQ== HTTP/1.1
Host: kmopoer.jkbuymjhp.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 02:23:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Set-Cookie: region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Thu, 03-Aug-2023 02:23:35 GMT; Max-Age=15552000; path=/
visitnum=1; expires=Sat, 11-Feb-2023 02:23:35 GMT; Max-Age=604800; path=/
12226_29397=re; expires=Sat, 04-Feb-2023 07:23:35 GMT; Max-Age=18000; path=/
do2click_29397=5955796%7C29397%7C12226%7C157553%7C; expires=Sat, 04-Feb-2023 05:23:35 GMT; Max-Age=10800; path=/
doEffect_29397=5955796%7C29397%7C12226%7C157553%7C; expires=Sat, 11-Feb-2023 02:23:35 GMT; Max-Age=604800; path=/
P3P: CP="Powered by Www.Zyiis.Com 2005-2016"
Content-Encoding: gzip
Server: fang
X-Cache-Status: MISS

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8352 bytes)
Hash
28099f5ad8a27e5a49a0d1c842486329
d47caba75b363a4c008e5a9a9d0b8e39d9fa4abd
1d798d35ceae594d86fa43aa0ef47b962c52bb1557e17dda9b294bd01f374b3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8352
x-amzn-requestid: 80032cef-14cd-4f56-9830-8c74891ed00f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEqQFDJIAMFspQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8174-6d3310287fc74bb27e9b038a;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: byr2TaC2xnnUl56r2iGKZI0o8Ctsv0iy42h_F7-ezKpEijaH9rr5EQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:53 GMT
etag: "d47caba75b363a4c008e5a9a9d0b8e39d9fa4abd"
content-type: image/jpeg
age: 15045
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.jqueryapi.org/ajax/libs/jquery/3.6.1/jquery.js

104.21.14.242

200 OK

0 B

URL HTTP/2
cdn.jqueryapi.org/ajax/libs/jquery/3.6.1/jquery.js
IP
104.21.14.242:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ajax/libs/jquery/3.6.1/jquery.js HTTP/1.1
Host: cdn.jqueryapi.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://14td.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 02:23:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
last-modified: Saturday, 04-Feb-2023 02:23:31 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC9MJSH9joSYr%2FgzdApvUBSWABGhaYnoUMAo70bB5d22pT8g68ggdnYVQke5Bix6QSSWyEqGo02hf9rCBYgzxHoTu6VVVvv9l62KSJZveU5SPqFx6ilcaGADCf%2BITOiHl91oBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793ff1dbba3fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML