r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14563
Expires: Thu, 08 Dec 2022 14:06:11 GMT
Date: Thu, 08 Dec 2022 10:03:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3453
Expires: Thu, 08 Dec 2022 11:01:01 GMT
Date: Thu, 08 Dec 2022 10:03:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 09:08:09 GMT
content-type: application/json
age: 3319
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3375
Expires: Thu, 08 Dec 2022 10:59:43 GMT
Date: Thu, 08 Dec 2022 10:03:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pm72vi4o8FJhKI23joSGscimfxwWhC/oNlM0n5d6zjTU4UFcFiKpI71kiauk3CU1tGHtMkCoXEc=
x-amz-request-id: EZZQ9TBW45RBTQXB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 09:47:52 GMT
age: 936
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 10:03:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.gaoydq.com/help/view13.html
47.98.113.134 200 OK 6.8 kB URL HTTP/1.1 www.gaoydq.com/help/view13.html
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash d6d8b78a4f3b06513926aa3a2c71fedd
8195ebc60331f7ba5dff67741483d828bbb3fcb4
18ad4c76ab89917dce2f3b3fe4b4b38bf52ba8be55497b909be1b288ad0f6dab
Analyzer Verdict Alert fortinet Phishing
GET /help/view13.html HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:28 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.11
Set-Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 09:07:55 GMT
age: 3333
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gaoydq.com/css/global.css?t=0329495001670493808
47.98.113.134 200 OK 1.4 kB URL HTTP/1.1 www.gaoydq.com/css/global.css?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 90ed6ba3b54cec3ed220e8171c8e06fb
78f2e8a589f356535331d9f9f782f7ea9fe7f1f3
2ceb087b05e31f504eeeba8fa7205a90c72508ca550e52df48892479cff0724c
GET /css/global.css?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:28 GMT
Content-Type: text/css
Last-Modified: Fri, 18 Feb 2022 08:51:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"620f5e17-dda"
Expires: Thu, 08 Dec 2022 22:03:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.gaoydq.com/css/basic.css?t=0329495001670493808
47.98.113.134 200 OK 3.7 kB URL HTTP/1.1 www.gaoydq.com/css/basic.css?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash b3247aa84c01bc15623b3d9fecee1392
a3974131e44c21419ba2c8a772e3d533e3f7d7f5
1258fe5d3b52a22f20e0a1b6b3c57e5428ca55d252e1ddc49a8fbcc0507ccbe4
Analyzer Verdict Alert fortinet Phishing
GET /css/basic.css?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:28 GMT
Content-Type: text/css
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6360815b-470f"
Expires: Thu, 08 Dec 2022 22:03:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5463
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 10:03:29 GMT
Etag: "639057aa-1d7"
Last-Modified: Thu, 08 Dec 2022 08:32:26 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.gaoydq.com/help/css/index.css?t=0329495001670493808
47.98.113.134 200 OK 1.7 kB URL HTTP/1.1 www.gaoydq.com/help/css/index.css?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3212a0d783675d708ae71d869a0ed0aa
46a425c01d9e4549a9b49491979aee84d41cd8d1
42bb64c0eb3594e6260c595b5458f9df3d043c7ba6ebd052d8163eeb19c9edcc
Analyzer Verdict Alert fortinet Phishing
GET /help/css/index.css?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: text/css
Last-Modified: Fri, 18 Feb 2022 08:51:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"620f5e17-17e4"
Expires: Thu, 08 Dec 2022 22:03:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.gaoydq.com/js/layer.js?t=0329495001670493808
47.98.113.134 200 OK 8.2 kB URL HTTP/1.1 www.gaoydq.com/js/layer.js?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (21529), with CRLF line terminators
Hash 9e5d84b99c5dda579729f1270f61eb0c
b823f96c581c2203ce914cda14e2abb70b7531e6
da43c861bcd3520c45018a382f5634766a66fd67d3b0f869897692035abe8d35
GET /js/layer.js?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: application/javascript
Last-Modified: Fri, 18 Feb 2022 08:51:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"620f5e17-546e"
Expires: Thu, 08 Dec 2022 22:03:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.gaoydq.com/js/global.js?t=0329495001670493808
47.98.113.134 200 OK 3.4 kB URL HTTP/1.1 www.gaoydq.com/js/global.js?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with very long lines (500), with CRLF line terminators
Hash 66cf8e8c2ab5d5affabf51470061f3b9
bb14d88405d69621443fa5312b69781251afd040
55883eba453cfeb5a2b04e25cb593a9a5e7d0c9d1168712b19244750e2ba5994
Analyzer Verdict Alert fortinet Phishing
GET /js/global.js?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: application/javascript
Last-Modified: Fri, 18 Feb 2022 08:51:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"620f5e17-2d86"
Expires: Thu, 08 Dec 2022 22:03:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.gaoydq.com/js/basic.js?t=0329495001670493808
47.98.113.134 200 OK 545 B URL HTTP/1.1 www.gaoydq.com/js/basic.js?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 31e0fc80edbe591350d0cf163abe66ff
f57c9835361720cc340d19133224a620700d554c
1b637e2ab25853915fea475868162af4a401ae7294f3d050402489b7d4fc59e9
GET /js/basic.js?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: application/javascript
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6360815b-53d"
Expires: Thu, 08 Dec 2022 22:03:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.gaoydq.com/help/js/index.js?t=0329495001670493808
47.98.113.134 200 OK 519 B URL HTTP/1.1 www.gaoydq.com/help/js/index.js?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 302aae84b5255280dd6721801f5d15d9
a3a68bb0609e499cd25a22ce5cb1e6791fde4548
9df7e09e1459fd43b4098b8eb02e71701dffaa56c7ef5c59ab8e423378c4d6e8
Analyzer Verdict Alert fortinet Phishing
GET /help/js/index.js?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: application/javascript
Content-Length: 519
Last-Modified: Fri, 18 Feb 2022 08:51:35 GMT
Connection: keep-alive
ETag: "620f5e17-207"
Expires: Thu, 08 Dec 2022 22:03:29 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
push.services.mozilla.com/
52.41.252.32 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cXvZiWh7TKu2UQBRxPNJng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SQXtzBma/zpIjxRA6fwN1Uqjsno=
www.gaoydq.com/js/jquery.min.js?t=0329495001670493808
47.98.113.134 200 OK 37 kB URL HTTP/1.1 www.gaoydq.com/js/jquery.min.js?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d4e282e0e1e69d378568eac0d45bfd24
8b62528373788e473676aa025a72aae45ec17d01
b5bbdf5ae69bfc2b39919ac018f41b27efac22f98ab92848db65022eb03dfd12
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Jul 2015 01:53:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"559b3106-16f44"
Expires: Thu, 08 Dec 2022 22:03:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.gaoydq.com/tem/getqr.php?u=http://www.gaoydq.com/m&size=4
47.98.113.134 200 OK 302 B URL HTTP/1.1 www.gaoydq.com/tem/getqr.php?u=http://www.gaoydq.com/m&size=4
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 132 x 132, 1-bit colormap, non-interlaced\012- data
Hash 262a5e4e68eba14fd8087fd564e4c5ad
4c9e34b757f95d2359ce74c87a724d01c74478eb
9fcd4db4c666129451a796085504c99ce49f9b6bdead6eb40a9ab2a44f7bda47
GET /tem/getqr.php?u=http://www.gaoydq.com/m&size=4 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.11
www.gaoydq.com/homeimg/niuImg/jianr.png
47.98.113.134 200 OK 973 B URL HTTP/1.1 www.gaoydq.com/homeimg/niuImg/jianr.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 5 x 10, 8-bit/color RGB, non-interlaced\012- data
Hash 12f11a5145ea3a141abcecaa4e908429
c94bb24f48889241996d2fce49eb83db9e91c97e
6759ad006e0cec688ee714840ff7726963b00bf8fc50112ab41a7e4aa36b1e1e
GET /homeimg/niuImg/jianr.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 973
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Connection: keep-alive
ETag: "6360815b-3cd"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/img/logo.png
47.98.113.134 200 OK 12 kB URL HTTP/1.1 www.gaoydq.com/img/logo.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 413 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash c6330da07f4ff2aeef1d44bad07a41a8
da93848e5b2734baf8e08da18d7300f7e6521e4d
49498561e400c4b005c6be4411a16e95eed67999a17dbcbf741778ab514ba5d0
GET /img/logo.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 12150
Last-Modified: Mon, 11 Oct 2021 07:36:48 GMT
Connection: keep-alive
ETag: "6163e990-2f76"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/homeimg/niuImg/jian.png
47.98.113.134 200 OK 956 B URL HTTP/1.1 www.gaoydq.com/homeimg/niuImg/jian.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 8 x 4, 8-bit/color RGB, non-interlaced\012- data
Hash 150931ef36607f464d4c0f89006eaed3
94317e3d6f3cf13713ef98d39e25de7ee9f947a6
4cb15dbf1bc153a64bb06cf6344730996ccc2a573a4804e5efe631bab273e311
GET /homeimg/niuImg/jian.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 956
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Connection: keep-alive
ETag: "6360815b-3bc"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0187333001634009306.png
47.98.113.134 200 OK 1.3 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0187333001634009306.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash fec971366faf2db1d8f874e1ff2f6eb3
713d696db268f4926cbeb135a1a5776cd31f7cc4
4b0fa5c7e9a7b9825e4a0dbe0b2560fefb62f41dd69b5b955c60bb00c17cbb24
GET /gugao1/0187333001634009306.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 1292
Last-Modified: Tue, 12 Oct 2021 03:28:52 GMT
Connection: keep-alive
ETag: "616500f4-50c"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/js/skin/default/layer.css?v=3.0.3303
47.98.113.134 200 OK 3.3 kB URL HTTP/1.1 www.gaoydq.com/js/skin/default/layer.css?v=3.0.3303
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (14499), with no line terminators
Hash a4aa63639a629d4bb2bb989be8176a8a
2c05f0d6b8e80b94e58eece38b2d2db2a83abb5b
aaaadb5de80338f86fd6aff12d15ed92bf34e0cc4c981e8d3f230fbfb7284308
Analyzer Verdict Alert fortinet Phishing
GET /js/skin/default/layer.css?v=3.0.3303 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: text/css
Last-Modified: Mon, 06 Mar 2017 08:43:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"58bd211c-38a3"
Expires: Thu, 08 Dec 2022 22:03:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.gaoydq.com/tem/sesCheck.php
47.98.113.134 200 OK 21 B URL HTTP/1.1 www.gaoydq.com/tem/sesCheck.php
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type very short file (no magic)
Hash 7ac8c27439ed6e2a30373651a2898777
1249bc89db36deb369d6388319453f015bd83e04
e240a7a561e7c84b32d4695ddc4c0d6c38a8e0c3f2581711c1971680f033437e
Analyzer Verdict Alert fortinet Phishing
GET /tem/sesCheck.php HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.11
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
www.gaoydq.com/gugao1/0224185001634114846.png
47.98.113.134 200 OK 20 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0224185001634114846.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash f267f4bd9874418b2bdd2d5ec3ceb917
34eefe14df1125744765e69fd7becd2931ae5e2d
9eee67bb08e1662bbd9f97b0159307df99c05af5497d3c1b5d463a7babc8fcd9
GET /gugao1/0224185001634114846.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 20278
Last-Modified: Wed, 13 Oct 2021 08:47:33 GMT
Connection: keep-alive
ETag: "61669d25-4f36"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/homeimg/niuImg/fanhui.png
47.98.113.134 200 OK 625 B URL HTTP/1.1 www.gaoydq.com/homeimg/niuImg/fanhui.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 21 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 09e5e8fb84c2a7bf3b2969991f455492
e0a7a2f28cc910fd0810aed242afe907107b1909
da6b6bd1c47edec75219764bb01dc1e05682fa273d0c0190a0bcf53d93530e8d
GET /homeimg/niuImg/fanhui.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/css/basic.css?t=0329495001670493808
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 625
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Connection: keep-alive
ETag: "6360815b-271"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/homeimg/niuImg/zxicon.png
47.98.113.134 200 OK 752 B URL HTTP/1.1 www.gaoydq.com/homeimg/niuImg/zxicon.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 30 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash d0c773fdf2695d92783d98906a1407f6
2d6dadae15b60500116eb286e61475b099abf043
e5747d36168e74dac26ae6d3c16c2d74cf8cbe139d1e3df75ca15f5d24ef5a57
GET /homeimg/niuImg/zxicon.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/css/basic.css?t=0329495001670493808
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 752
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Connection: keep-alive
ETag: "6360815b-2f0"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/homeimg/niuImg/kficon.png
47.98.113.134 200 OK 703 B URL HTTP/1.1 www.gaoydq.com/homeimg/niuImg/kficon.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 30 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash f3a24a314e523c4bee1bf4390d025ecf
b55ebf809f6a3d8f304f5167e4c2d96f666e2d76
5ef4e43409d3b895bab3a67c3b1f4e7c14d092b0d78dc9d84d377843d4d12012
GET /homeimg/niuImg/kficon.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/css/basic.css?t=0329495001670493808
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 703
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Connection: keep-alive
ETag: "6360815b-2bf"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/homeimg/niuImg/1.png
47.98.113.134 200 OK 1.3 kB URL HTTP/1.1 www.gaoydq.com/homeimg/niuImg/1.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 15 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 3073cd1a8bf3852c2a49c97dd1815c1b
749a3223394922fb1da07a14ab63d9b387909e30
4bb07fa02aea9657a19d85973208af85087b1c6803ddcba0518015f5391d5947
GET /homeimg/niuImg/1.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/css/basic.css?t=0329495001670493808
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 1344
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Connection: keep-alive
ETag: "6360815b-540"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/homeimg/niuImg/gl.png
47.98.113.134 200 OK 1.3 kB URL HTTP/1.1 www.gaoydq.com/homeimg/niuImg/gl.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 14 x 14, 8-bit/color RGB, non-interlaced\012- data
Hash bf7ee2bb991442622fc8f51efc121196
90383df222ad8ab007e1c1d1b6ae1359f57dc775
21807527fd2c15716f3e122f79b63e4f8dc356470d442cb532fefb24d78787db
GET /homeimg/niuImg/gl.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/css/basic.css?t=0329495001670493808
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:29 GMT
Content-Type: image/png
Content-Length: 1340
Last-Modified: Tue, 01 Nov 2022 02:15:55 GMT
Connection: keep-alive
ETag: "6360815b-53c"
Expires: Sat, 07 Jan 2023 10:03:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 3f96f71bdec418305a9d65f70f62142d
bcba6f8079366bfe71ad55704bfc1c4e0a90e485
45447114eaba28f951d3a19a277a65a20ddc6ab78683d5e5f5ab520c68fca44b
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 12 Dec 2022 06:45:55 GMT
ETag: "bcba6f8079366bfe71ad55704bfc1c4e0a90e485"
Last-Modified: Thu, 08 Dec 2022 06:45:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1518
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7764abe91fb30b39-OSL
www.gaoydq.com/gugao1/0797703001634027320.png
47.98.113.134 200 OK 1.2 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0797703001634027320.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 54276f8aa7628bfcb8c7aa47506fd7df
72974cf2ccbec7fdb6476737b9c08504d87044cf
882840e19b50785567774999da5be63af58670a47b63f9d79de8e021eb1f6123
GET /gugao1/0797703001634027320.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 1215
Last-Modified: Tue, 12 Oct 2021 08:29:16 GMT
Connection: keep-alive
ETag: "6165475c-4bf"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/help/img/jian1.png
47.98.113.134 200 OK 181 B URL HTTP/1.1 www.gaoydq.com/help/img/jian1.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 10 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 26208344db21490523cc6378fa7cca21
2c1006e467aed678dc8ca76de62eccf2aae7326b
92f1edf6d9747aa7ebaa6d88800b168cfdef3f722e1542703ef840b3efed623b
GET /help/img/jian1.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 181
Last-Modified: Fri, 18 Feb 2022 08:51:35 GMT
Connection: keep-alive
ETag: "620f5e17-b5"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0488182001634027304.png
47.98.113.134 200 OK 1.3 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0488182001634027304.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash f3cfc9f7ebb6c77565d34933bfa48b07
e515f7b8dc0f836cc2e48fb437d40a59645bfe6a
f6ec8e0e59b04973c69b782029aeb95eedfe859e87085e1a9e42be4daedf40bf
GET /gugao1/0488182001634027304.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 1292
Last-Modified: Tue, 12 Oct 2021 08:28:33 GMT
Connection: keep-alive
ETag: "61654731-50c"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0662328001634027269.png
47.98.113.134 200 OK 1.3 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0662328001634027269.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 8b92b68581562d1e326f2ef9b9c77f01
12275fe18b5c8dc96b9ace24f0d1683869b04bdc
739c27f000e2cdd226220cd5da43f41c28b7837ef86d88b4a8f4a302ce35e651
GET /gugao1/0662328001634027269.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 1338
Last-Modified: Tue, 12 Oct 2021 08:28:08 GMT
Connection: keep-alive
ETag: "61654718-53a"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0779784001634027447.png
47.98.113.134 200 OK 1.2 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0779784001634027447.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 743565b0e4998b0fe209430e0acaeaa2
25cc102fff913fccd7da8db121376f20f8f5dbcd
8d2c7282318b9ee210edf3aa95623421cd212cca30c677f0f82d62282251f8eb
GET /gugao1/0779784001634027447.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 1209
Last-Modified: Tue, 12 Oct 2021 08:30:56 GMT
Connection: keep-alive
ETag: "616547c0-4b9"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0107463001634027420.png
47.98.113.134 200 OK 1.2 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0107463001634027420.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash f577bb4ee8916160869d70791de5d7a9
4fd4ecbcf6a58ecffc1a871979290a17a1f6f789
6d8b3a5854ec0043b2df9c2f921ba954c2f256a3088e91f9134a69778ba5846e
GET /gugao1/0107463001634027420.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 1191
Last-Modified: Tue, 12 Oct 2021 08:30:42 GMT
Connection: keep-alive
ETag: "616547b2-4a7"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14709
Expires: Thu, 08 Dec 2022 14:08:39 GMT
Date: Thu, 08 Dec 2022 10:03:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:11:17 GMT
age: 78733
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 40409
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
age: 42606
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 37678
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: ddb5c208-5bfe-4e8c-9fdd-55076fac9eb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czg9FGl2IAMFxYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63914853-148fec9213f360520ff3c52a;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 02:13:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: l8PbqnzJrf0uHiLE9iy5PSfKl8f4520ddTxkji7GyUyAWuX9Sc4U0w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:20:38 GMT
age: 20572
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 18:39:08 GMT
age: 55462
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gaoydq.com/gugao1/0272720001634027385.png
47.98.113.134 200 OK 1.4 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0272720001634027385.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash b58d4ecb229bbe7ba177ec952e855fe9
536540312f1f30effe2921a864185bf34db092a5
11914eb9f822f933a09dd9c7d846ceb8a9bf734e1906378884c1e5ce8f9be3b9
GET /gugao1/0272720001634027385.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 1398
Last-Modified: Tue, 12 Oct 2021 08:30:08 GMT
Connection: keep-alive
ETag: "61654790-576"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0704639001634027362.png
47.98.113.134 200 OK 1.3 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0704639001634027362.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 20 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash e5ac5d0ebafab3c835d839997540cf02
4e81e513684561f8ed0be58ad1c4047b8004dfed
431d5dbcba2fa4ba6363a2848e87859b80faf7f4b40cb911e7a7021602c0f863
GET /gugao1/0704639001634027362.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 1325
Last-Modified: Tue, 12 Oct 2021 08:29:33 GMT
Connection: keep-alive
ETag: "6165476d-52d"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0603451001634027650.png
47.98.113.134 200 OK 2.1 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0603451001634027650.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 37 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash f4142999b00c0769d87674a6ec432248
e5e140d25399ad1cd9bcbfbc0d7bb376984099a5
0ac660a0738193eeb2410a27acfefc5c63d5f18cf566c8a93ebe8b4769f14ac0
GET /gugao1/0603451001634027650.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 2135
Last-Modified: Tue, 12 Oct 2021 08:34:18 GMT
Connection: keep-alive
ETag: "6165488a-857"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0716535001634027624.png
47.98.113.134 200 OK 2.6 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0716535001634027624.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 38 x 37, 8-bit/color RGB, non-interlaced\012- data
Hash f1eb6d1ebb2084524cc5150227008560
cdfd4f2a32379a80c46dd73db0c715ce7131c605
6fde7696e8c234e565039d91a1d63d3be18132306af0b4308efdbc25bae8a70e
GET /gugao1/0716535001634027624.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 2637
Last-Modified: Tue, 12 Oct 2021 08:34:07 GMT
Connection: keep-alive
ETag: "6165487f-a4d"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0463257001634114656.png
47.98.113.134 200 OK 19 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0463257001634114656.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 118 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash bb1a00c1f205b67323e2e3159616aaf2
0c49b42950ac187895c2b2e8b0de1fc370500e65
146b531c807f4a01f76e7dfa3bab6c470a226ba9e3692b6212c18fe228e56d44
GET /gugao1/0463257001634114656.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 18693
Last-Modified: Wed, 13 Oct 2021 08:44:25 GMT
Connection: keep-alive
ETag: "61669c69-4905"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0826692001634114744.png
47.98.113.134 200 OK 16 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0826692001634114744.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ba5bf50ce8ea1d6c9d830c22d8934ca
b90598e4e50cc46e2188bcff02f9442ffb5ad150
fa3d4835e638c7e840364150d91676033e129388e44a7afdb23be9c0027de141
GET /gugao1/0826692001634114744.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 15719
Last-Modified: Wed, 13 Oct 2021 08:46:02 GMT
Connection: keep-alive
ETag: "61669cca-3d67"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0358016001634114515.png
47.98.113.134 200 OK 51 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0358016001634114515.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 289 x 261, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f47bcd63ae88729c63eddf18937b09b
2019da0a96716302590946037fc39bbe3a3f3763
1a8ecd42102518ce05a6a7efab82cc7d244f933bb275ab6a74bd9b8cc5c42f51
GET /gugao1/0358016001634114515.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 51285
Last-Modified: Wed, 13 Oct 2021 08:43:21 GMT
Connection: keep-alive
ETag: "61669c29-c855"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/img/none60x60.gif
47.98.113.134 200 OK 1.3 kB URL HTTP/1.1 www.gaoydq.com/img/none60x60.gif
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type GIF image data, version 89a, 60 x 60\012- data
Hash 0c32ad787ec3102230654eac7c1f4cb7
99df736a3a2d3d848398fdfd8fc45196cbacbd6f
2799d8fd826d207437e66571a1a0a2588df4367b263ff865147eadb9316277ea
GET /img/none60x60.gif HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/gif
Content-Length: 1264
Last-Modified: Mon, 11 Oct 2021 07:48:10 GMT
Connection: keep-alive
ETag: "6163ec3a-4f0"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hm.baidu.com/hm.js?0626927242f5fb137e07cbbaa2a94fed
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0626927242f5fb137e07cbbaa2a94fed
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 49cc80a3cc0adb41cd29d55f2c175040
45fd1c0b8dbf25249c298c8634112bd74d915ccb
04b52af7daf650a5890eaa3a4e042f23a46f4c38f7fef740451a5a4ff55118d2
GET /hm.js?0626927242f5fb137e07cbbaa2a94fed HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gaoydq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Thu, 08 Dec 2022 10:03:30 GMT
Etag: 7ae0a030e6ea0a115ba90f8f1e803647
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EA154C15E262A487; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.gaoydq.com/gugao1/0818402001634114768.png
47.98.113.134 200 OK 16 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0818402001634114768.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ec52f0b53ad084087fb1e9a97303880
f87bd75cfbe9cc703dad1fe3a9e34272ea770a94
71de53d9d71aaee5027a5852a9ff635f1cc5b6665243f47c5c6b2f12874c8fed
GET /gugao1/0818402001634114768.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 15471
Last-Modified: Wed, 13 Oct 2021 08:46:42 GMT
Connection: keep-alive
ETag: "61669cf2-3c6f"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.gaoydq.com/gugao1/0291085001634114701.png
47.98.113.134 200 OK 22 kB URL HTTP/1.1 www.gaoydq.com/gugao1/0291085001634114701.png
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 115 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 310f623bfabe6250eb170b669cd56bb0
53e1a321ad3e1352cec81993afa604c10c49c76a
69919389949d048f7b3bdbb9558a3a82921f129e83ad3b65bb52e77e27385562
GET /gugao1/0291085001634114701.png HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 10:03:30 GMT
Content-Type: image/png
Content-Length: 21786
Last-Modified: Wed, 13 Oct 2021 08:45:12 GMT
Connection: keep-alive
ETag: "61669c98-551a"
Expires: Sat, 07 Jan 2023 10:03:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809064200&si=0626927242f5fb137e07cbbaa2a94fed&v=1.3.0&lv=1&sn=6660&r=0&ww=1280&u=http%3A%2F%2Fwww.gaoydq.com%2Fhelp%2Fview13.html&tt=%E6%AC%A2%E8%BF%8E%E5%A4%A7%E5%AE%B6%E6%8F%90%E4%BE%9B%E5%BB%BA%E8%AE%AE%20-%20%E9%AB%98%E5%8E%8B%E7%94%B5%E5%99%A8%E7%BD%91
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809064200&si=0626927242f5fb137e07cbbaa2a94fed&v=1.3.0&lv=1&sn=6660&r=0&ww=1280&u=http%3A%2F%2Fwww.gaoydq.com%2Fhelp%2Fview13.html&tt=%E6%AC%A2%E8%BF%8E%E5%A4%A7%E5%AE%B6%E6%8F%90%E4%BE%9B%E5%BB%BA%E8%AE%AE%20-%20%E9%AB%98%E5%8E%8B%E7%94%B5%E5%99%A8%E7%BD%91
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1809064200&si=0626927242f5fb137e07cbbaa2a94fed&v=1.3.0&lv=1&sn=6660&r=0&ww=1280&u=http%3A%2F%2Fwww.gaoydq.com%2Fhelp%2Fview13.html&tt=%E6%AC%A2%E8%BF%8E%E5%A4%A7%E5%AE%B6%E6%8F%90%E4%BE%9B%E5%BB%BA%E8%AE%AE%20-%20%E9%AB%98%E5%8E%8B%E7%94%B5%E5%99%A8%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gaoydq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 08 Dec 2022 10:03:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=44DF74A64D83188B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.gaoydq.com/img/favicon.ico?t=0329495001670493808
47.98.113.134 404 Not Found 162 B URL HTTP/1.1 www.gaoydq.com/img/favicon.ico?t=0329495001670493808
IP 47.98.113.134:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
Analyzer Verdict Alert fortinet Phishing
GET /img/favicon.ico?t=0329495001670493808 HTTP/1.1
Host: www.gaoydq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gaoydq.com/help/view13.html
Cookie: PHPSESSID=fvpjbjcu2e9tb8ak8ui28c77t4; Hm_lvt_0626927242f5fb137e07cbbaa2a94fed=1670493810; Hm_lpvt_0626927242f5fb137e07cbbaa2a94fed=1670493810
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 08 Dec 2022 10:03:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive