r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7684
Expires: Mon, 27 Mar 2023 16:26:09 GMT
Date: Mon, 27 Mar 2023 14:18:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2787
Expires: Mon, 27 Mar 2023 15:04:32 GMT
Date: Mon, 27 Mar 2023 14:18:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16832
Expires: Mon, 27 Mar 2023 18:58:37 GMT
Date: Mon, 27 Mar 2023 14:18:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 13:27:57 GMT
content-type: application/json
age: 3008
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hvG/B2lAbeRRLJyiHbd6D7UCTXeSok6QkaAUzf1bcc8Y/L7uxLb0acws9fd2dXFDHFBUqot30UY=
x-amz-request-id: BS728ADJR9XZ5DF1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 14:01:40 GMT
age: 985
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 14:17:24 GMT
age: 41
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6293
Expires: Mon, 27 Mar 2023 16:02:58 GMT
Date: Mon, 27 Mar 2023 14:18:05 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.196.68101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.196.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C1Ryl59+TCPkUgj7nNbR6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CpOtJ5gYQpkKmkPbeTpSQePYIc8=
verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
154.95.149.8301 Moved Permanently 0 B URL HTTP/1.1 verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
IP 154.95.149.8:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /it2819291231/e0527c739b4dd77/login.php HTTP/1.1
Host: verificapaypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 27 Mar 2023 14:18:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
www.verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
154.95.149.8200 OK 671 B URL HTTP/1.1 www.verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
IP 154.95.149.8:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash adaf48d80831feb8d64a8d7607d9215e
23343ac0ba0baa499fa8bd6c61ffab3891bacb81
13c2f0b945f69a08c093e47bf193b06fa6ae20a7a0b4ad70c906dd4f8a83a192
GET /it2819291231/e0527c739b4dd77/login.php HTTP/1.1
Host: www.verificapaypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 14:18:06 GMT
Content-Type: text/html
Content-Length: 671
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9026
Expires: Mon, 27 Mar 2023 16:48:33 GMT
Date: Mon, 27 Mar 2023 14:18:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9026
Expires: Mon, 27 Mar 2023 16:48:33 GMT
Date: Mon, 27 Mar 2023 14:18:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cc79a830964d923d24a45f5ccc9939b
557cc4827414912c41319ad961c14cce71ed4a18
b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4775
x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK96KF9coAMFvMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: psNReeBG7nAuKQXIMl1zwCVmvtZ-xwn6Fx8oAIX4wi4GCNUWNWOGMA==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 22:12:36 GMT
age: 57931
etag: "557cc4827414912c41319ad961c14cce71ed4a18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22905e8a7c8b1741dd51842c114a6517
c5900fe2396e0ca371c4847af4e96149850c3577
1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10405
x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi69E9xoAMFiJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 05:54:17 GMT
age: 30230
etag: "c5900fe2396e0ca371c4847af4e96149850c3577"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:37:24 GMT
age: 60043
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e999a9d79efe60a30b2942c5f2940294
c3891c43b16521f66eb3a52d83694de2ddd39871
290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12017
x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6yQGNtoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 03:34:08 GMT
age: 38639
etag: "c3891c43b16521f66eb3a52d83694de2ddd39871"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 668a8a17a1bb77ea7db7fa23c9df9690
242108539ff8694a3c557d07b2b000e764a77f24
100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10591
x-amzn-requestid: 8359ddc1-a6c6-4caf-9de3-f2eb4dcb0c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CaIO-F0QIAMF5_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6420ba5f-72ee066911fdddb62c4a201d;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: hfm1xuKZ-Olu263DvYfbYlEnANaiIL9e7jEDUqDAf3ihT5N2HAdyIA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:49:30 GMT
age: 59317
etag: "242108539ff8694a3c557d07b2b000e764a77f24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e5dfaeb44e65f30874efae17a8fd652
52c517a45e53a4ca5b5783d0364ac0e2606d6970
3752bdf3d574299ccb17ac42d20f940dd1daf48d127889a1d82a55bec82a0436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6623
x-amzn-requestid: 5b246408-bf9c-488d-aee6-7d387115863e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQn4EHJoAMFl3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfafe-686e97b34f7c33862db51515;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:08:47 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Dc5ZpKbzuxe6YqNOtsNpeKShE02r5kg-YX_3gPgeEIgRADZRBL6b4w==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 12:05:17 GMT
age: 7970
etag: "52c517a45e53a4ca5b5783d0364ac0e2606d6970"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.verificapaypal.com/common.js
154.95.149.8200 OK 687 B URL HTTP/1.1 www.verificapaypal.com/common.js
IP 154.95.149.8:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash d2b92e5f260a64afe8f24523e7c14f16
7dc52305c9f40ec4ebe266453ff5e43a8a8afff6
3e4ac123a00465a489eb148eca6300c4367784cba828cb8b3532d4223cbcf40b
GET /common.js HTTP/1.1
Host: www.verificapaypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 14:18:07 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.verificapaypal.com/tj.js
154.95.149.8200 OK 524 B URL HTTP/1.1 www.verificapaypal.com/tj.js
IP 154.95.149.8:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash a1e0529adc30ee3a9f39f398e29aea0b
7b29f5ee44e771550f5fa520828056e4c6e61b80
8f0877001b8b351266efd3229106cbfecc67de8321af3c69a9cb2aed067c279d
GET /tj.js HTTP/1.1
Host: www.verificapaypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 14:18:07 GMT
Content-Type: application/x-javascript
Content-Length: 524
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e416a7e4278e886736b412c48ed164db
067b68e624edea10a7708b5b1958ce3b4688fa39
559c06741abbe51c3500b6b8e19ea3d1be3f37b3f74da5e4a61cf1a03b119ac8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "559C06741ABBE51C3500B6B8E19EA3D1BE3F37B3F74DA5E4A61CF1A03B119AC8"
Last-Modified: Sat, 25 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4960
Expires: Mon, 27 Mar 2023 15:40:47 GMT
Date: Mon, 27 Mar 2023 14:18:07 GMT
Connection: keep-alive
www.verificapaypal.com/favicon.ico
154.95.149.8200 OK 1.2 kB URL HTTP/1.1 www.verificapaypal.com/favicon.ico
IP 154.95.149.8:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.verificapaypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.verificapaypal.com/it2819291231/e0527c739b4dd77/login.php
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 14:18:07 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sat, 01 Apr 2023 14:18:07 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 8b93578d3885b1d8dba75852bce99cdf
415b6680b02dde81c004c6f3101a82c3a88ceed4
5aa6c7e3e316d56d2cef3bf30b9440ec0ed2c4534a8a7446d4f77cc3df217666
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 31 Mar 2023 11:27:42 GMT
ETag: "415b6680b02dde81c004c6f3101a82c3a88ceed4"
Last-Modified: Mon, 27 Mar 2023 11:27:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1677
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae842c85d0f0b02-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 8b93578d3885b1d8dba75852bce99cdf
415b6680b02dde81c004c6f3101a82c3a88ceed4
5aa6c7e3e316d56d2cef3bf30b9440ec0ed2c4534a8a7446d4f77cc3df217666
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 31 Mar 2023 11:27:42 GMT
ETag: "415b6680b02dde81c004c6f3101a82c3a88ceed4"
Last-Modified: Mon, 27 Mar 2023 11:27:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1677
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae842c86e690b51-OSL
hm.baidu.com/hm.js?48f405b2f405e5c09bc44586ea16195b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?48f405b2f405e5c09bc44586ea16195b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash 3905168b8b990e480382f5de95033564
45fbde70e6f6f9547092cc838ab2ec72c7a22aca
fe50423e2c6d233d7a136c92f1661f1935cb51b67d7d9276569e0c3e90be742d
GET /hm.js?48f405b2f405e5c09bc44586ea16195b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.verificapaypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Mon, 27 Mar 2023 14:18:08 GMT
Etag: fae800a231f67acd96813118fd7fc9d1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=35A9250EE05C5706; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?15104cdb12c8eccf45468fddc29aa81a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?15104cdb12c8eccf45468fddc29aa81a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 143656b41f2fa6edeb44c897fabc0161
09e6734962cd9333a1d432478079ba5a085deaac
d889277038eff0164855f84c76241d7ce5a19c196a898d5a2f46d2d92056e321
GET /hm.js?15104cdb12c8eccf45468fddc29aa81a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.verificapaypal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Mon, 27 Mar 2023 14:18:08 GMT
Etag: ffb3476f590276d62adea128b5884127
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FD183E7FD7EB5C04; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=722286778&si=48f405b2f405e5c09bc44586ea16195b&v=1.3.0&lv=1&sn=2517&r=0&ww=1280&u=http%3A%2F%2Fwww.verificapaypal.com%2Fit2819291231%2Fe0527c739b4dd77%2Flogin.php&tt=%E7%99%BD%E9%93%B6%E9%A3%9F%E6%B2%A7%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=722286778&si=48f405b2f405e5c09bc44586ea16195b&v=1.3.0&lv=1&sn=2517&r=0&ww=1280&u=http%3A%2F%2Fwww.verificapaypal.com%2Fit2819291231%2Fe0527c739b4dd77%2Flogin.php&tt=%E7%99%BD%E9%93%B6%E9%A3%9F%E6%B2%A7%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=722286778&si=48f405b2f405e5c09bc44586ea16195b&v=1.3.0&lv=1&sn=2517&r=0&ww=1280&u=http%3A%2F%2Fwww.verificapaypal.com%2Fit2819291231%2Fe0527c739b4dd77%2Flogin.php&tt=%E7%99%BD%E9%93%B6%E9%A3%9F%E6%B2%A7%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.verificapaypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 27 Mar 2023 14:18:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=487BEC23B696118D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=968009850&si=15104cdb12c8eccf45468fddc29aa81a&v=1.3.0&lv=1&sn=2517&r=0&ww=1280&u=http%3A%2F%2Fwww.verificapaypal.com%2Fit2819291231%2Fe0527c739b4dd77%2Flogin.php&tt=%E7%99%BD%E9%93%B6%E9%A3%9F%E6%B2%A7%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=968009850&si=15104cdb12c8eccf45468fddc29aa81a&v=1.3.0&lv=1&sn=2517&r=0&ww=1280&u=http%3A%2F%2Fwww.verificapaypal.com%2Fit2819291231%2Fe0527c739b4dd77%2Flogin.php&tt=%E7%99%BD%E9%93%B6%E9%A3%9F%E6%B2%A7%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=968009850&si=15104cdb12c8eccf45468fddc29aa81a&v=1.3.0&lv=1&sn=2517&r=0&ww=1280&u=http%3A%2F%2Fwww.verificapaypal.com%2Fit2819291231%2Fe0527c739b4dd77%2Flogin.php&tt=%E7%99%BD%E9%93%B6%E9%A3%9F%E6%B2%A7%E9%87%91%E8%9E%8D%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.verificapaypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 27 Mar 2023 14:18:09 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=359F745052FF6DB6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 173213d4d4f2ed3e82e96332200514aa
2b3a165936762a8bbb1a4b2d1f0a1e14f6cc45c5
f013ed6c3d80e0469fcdcdca80b52b2027b8752c601a99f6a9f9f7a0365bc250
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F013ED6C3D80E0469FCDCDCA80B52B2027B8752C601A99F6A9F9F7A0365BC250"
Last-Modified: Sun, 26 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6428
Expires: Mon, 27 Mar 2023 16:05:17 GMT
Date: Mon, 27 Mar 2023 14:18:09 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash a0b1fbd7f49f655cafe484cfa9fd4555
7ab709a68b855d009d5774a6284ae081eaf4cdef
35a5095db238e9c2bf7a37e8140512533944ab1676f5c6d701f90f3e1833ea6c
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Fri, 31 Mar 2023 11:17:43 GMT
ETag: "7ab709a68b855d009d5774a6284ae081eaf4cdef"
Last-Modified: Mon, 27 Mar 2023 11:17:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2597
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae842ddeaf10b41-OSL
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash a0b1fbd7f49f655cafe484cfa9fd4555
7ab709a68b855d009d5774a6284ae081eaf4cdef
35a5095db238e9c2bf7a37e8140512533944ab1676f5c6d701f90f3e1833ea6c
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Fri, 31 Mar 2023 11:17:43 GMT
ETag: "7ab709a68b855d009d5774a6284ae081eaf4cdef"
Last-Modified: Mon, 27 Mar 2023 11:17:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2597
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae842dde876b4ee-OSL
228tuchuang.com/200x200.gif
23.224.27.253200 OK 872 B URL HTTP/1.1 228tuchuang.com/200x200.gif
IP 23.224.27.253:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (872), with no line terminators
Hash 926f887ca0ba843f17b1be78373a7a36
f256367e94685e5b80b6eb68ddabb1f41b6a2bd7
026a7eb52b31dae67ab7aaab48ba485fcbacf599bedca752c54f48b718796a1c
GET /200x200.gif HTTP/1.1
Host: 228tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 872
Pragma: no-cache
Cache-control: no-store
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash fb4bc86c992931e24f7891b8ee6d194c
384eadd696148ada37017a37559a2970e2c80194
842575870dbd8188e7e29f1526550afac9ba272e7296d1ef8abdf37402a6b7aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 01:54:32 GMT
Expires: Mon, 03 Apr 2023 01:54:31 GMT
Etag: "384eadd696148ada37017a37559a2970e2c80194"
Cache-Control: max-age=559579,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ae842ddecf3b51e-OSL
www.155pic.com/upload/vod/2022/11/xuvcmn5w2ze.jpg
104.22.21.196200 OK 8.6 kB URL HTTP/2 www.155pic.com/upload/vod/2022/11/xuvcmn5w2ze.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c730c0bdfb5f9834a78b60f3481db88
a1210b7539cebfefae6457f5c183a955ebbcdbe6
685c24c0ba7f351bac0f71cff68c65139e0d1658d995b5976aa91fce489ec8cc
GET /upload/vod/2022/11/xuvcmn5w2ze.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 8620
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9659
content-disposition: inline; filename="xuvcmn5w2ze.webp"
etag: "6376ad08-25bb"
last-modified: Thu, 17 Nov 2022 21:52:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4580
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3c8db529-OSL
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/static/css/bootstrap.min.css
45.196.99.100200 OK 34 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/css/bootstrap.min.css
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d1f353dc9a52dced38265139a7f9b5d5
0447e0bd4b0f4f62193b9425b766b53578a77e99
7d4b382de30ccc58ccfbf42165128a37e20587a43737c039734f9ca32ae8ada6
GET /template/m1938pc/static/css/bootstrap.min.css HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-22135"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/11/4swtqaufliu.jpg
104.22.21.196200 OK 7.3 kB URL HTTP/2 www.155pic.com/upload/vod/2022/11/4swtqaufliu.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 39f82a473450c3348bd4ac4a01088767
d06322dc8952dae0b15855d524b8374f3a1e7670
69e497c1a3ea4992452f87a107fcfcfaa198dcbdb7a28e2fd2c15406e83acffd
GET /upload/vod/2022/11/4swtqaufliu.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 7284
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8329
content-disposition: inline; filename="4swtqaufliu.webp"
etag: "637f3fd4-2089"
last-modified: Thu, 24 Nov 2022 09:56:36 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4580
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de4cbfb529-OSL
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/static/css/mm-content.css
45.196.99.100200 OK 7.5 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/css/mm-content.css
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 28554aa72444c3181dcfa03a79e9e0bc
4c5a3622a907e81a374a5d74c8d9c26286a1f9d2
3a80c0e0e74c25c777ce0196cf560b292edf5f8cff84072905d4af78f0bfe7b7
GET /template/m1938pc/static/css/mm-content.css HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-1c35"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/static/css/style.css
45.196.99.100200 OK 22 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/css/style.css
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 034f915804c15ebfda923472ff8326f5
0568fa22ff9bd009440f5324f943761889b02e84
d01087ca21b64aadf5c8b166c2207f7de99f568ecedb0cf7df72a61c8b569f1e
GET /template/m1938pc/static/css/style.css HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-d28f"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
95.101.10.193200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash 2fe653747c89d80f97bbf93d535d65c3
6e2c53f301bd32c2d0ed608d2a11fe26f047aa18
8caf8d92cc37bd030bc903516a9dd2db68dcb71608123373168d343a2f5c0963
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=448
Date: Mon, 27 Mar 2023 14:18:11 GMT
Connection: keep-alive
X-N: S
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2f3801759395d06e788ef859d0b4a75b
a085e9fd7fd22c1b2061a5261e0fc6dc55b5f3ca
4b63b042b3de6e7d2bbb0a471238f7b387fd3243f32298329c825e89f02a7bba
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 03:52:54 GMT
Expires: Fri, 31 Mar 2023 03:52:53 GMT
Etag: "a085e9fd7fd22c1b2061a5261e0fc6dc55b5f3ca"
Cache-Control: max-age=307481,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ae842de6dceb51e-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2f7e1dbca8e483c6eb78baa6f6de41ed
16e34f0a978fb3e84a71173ac8c1263f53134c86
e76a19ffde98722542fdeb1acd3ac4c637ce21dbb4305cc6fac0dc72b4e41b31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76A19FFDE98722542FDEB1ACD3AC4C637CE21DBB4305CC6FAC0DC72B4E41B31"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8068
Expires: Mon, 27 Mar 2023 16:32:39 GMT
Date: Mon, 27 Mar 2023 14:18:11 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 3802d90f87f766e38e89a87cf2b9f01e
9b7e076c666f5eb754c2c9f970dc5095be0ba305
5ab74e44f07afecdbce2768aa67766ef4c6de851226c2de2419ceda1799464e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 11:31:01 GMT
Expires: Fri, 31 Mar 2023 11:31:00 GMT
Etag: "9b7e076c666f5eb754c2c9f970dc5095be0ba305"
Cache-Control: max-age=334968,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ae842debe830b49-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c9b5a58d998f9ea1f805519c2795431e
64ba98655b1daf286ce17a67ab959d57894e4543
4287ef7fa28879705cced3884b41fbb0d289490d94114839272ad5f6ef6cb460
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 19:49:43 GMT
Expires: Fri, 31 Mar 2023 19:49:42 GMT
Etag: "64ba98655b1daf286ce17a67ab959d57894e4543"
Cache-Control: max-age=364890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ae842deb8370b51-OSL
www.155pic.com/upload/vod/2022/09/sb20tg5djsn.jpg
104.22.21.196200 OK 9.1 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/sb20tg5djsn.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c3ef787cec3969db75bbc5e4d122382
3a7aebeb4eb1a43d1be1e02f6fae3cabcaf9afda
61bb08b2b40c95c7c00b16aa61f781ddf2fac9f8d056c76520cbd41bc309d59e
GET /upload/vod/2022/09/sb20tg5djsn.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 9110
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9737
content-disposition: inline; filename="sb20tg5djsn.webp"
etag: "631f29bf-2609"
last-modified: Mon, 12 Sep 2022 12:44:47 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3ca1b529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/4c32bcymojx.jpg
104.22.21.196200 OK 13 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/4c32bcymojx.jpg
IP 104.22.21.196:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash f19449badb14156d2122e67cf848c1d7
d9fabbf0773b781ca81d49c21b726924cca5e937
957ca2db6154f2817ef2dfeba6f31e30b5a1ea13aa6b2f687288824146359ba5
GET /upload/vod/2022/09/4c32bcymojx.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/jpeg
content-length: 13392
cf-bgj: imgq:85,h2pri
cf-polished: origSize=14100, status=webp_bigger
etag: "631f29a6-3714"
last-modified: Mon, 12 Sep 2022 12:44:22 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae842de3c97b529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/losktqgv0ts.jpg
104.22.21.196200 OK 4.3 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/losktqgv0ts.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0f891d9ba9b160b972194fa2a2961dda
240debde2d2806bf1d38477df6346e633f023691
c0a3dbc286cbf8abfb847bb3f55f69228298beadec2f739e6b016b817e558ef0
GET /upload/vod/2022/09/losktqgv0ts.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 4250
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6409
content-disposition: inline; filename="losktqgv0ts.webp"
etag: "631f4f7e-1909"
last-modified: Mon, 12 Sep 2022 15:25:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de4cadb529-OSL
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/html9/awww/zxf.js
45.196.99.100200 OK 1.3 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/html9/awww/zxf.js
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 7b686c01cbf50effea50ffa1e955e383
225a1f2aefa4d035a264c76a92af115eda8cd86a
7162994306e67df92483227b64840c866e8ac0b3005e62dfdfc0d73fcb94bf05
GET /template/m1938pc/html9/awww/zxf.js HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: application/javascript
last-modified: Thu, 23 Mar 2023 09:17:18 GMT
vary: Accept-Encoding
etag: W/"641c191e-dc2"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/eht1x1svzz2.jpg
104.22.21.196200 OK 8.9 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/eht1x1svzz2.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 82a901df0245d1bf8a8821265fd58b17
dfe4cfa26e4e07799eb150056881773f953d62fa
f78ab5495d455fc07f07e45a077745337102f02661d5712fc265a31f4f2acf71
GET /upload/vod/2022/09/eht1x1svzz2.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 8892
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11428
content-disposition: inline; filename="eht1x1svzz2.webp"
etag: "631f29bb-2ca4"
last-modified: Mon, 12 Sep 2022 12:44:43 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3c9eb529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/5nkvj1ovdko.jpg
104.22.21.196200 OK 3.6 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/5nkvj1ovdko.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4e5b20b85fce2a7c5ea1180dbc7b07fd
d9d6bb6d0b626b19fe72be5864db638bedd2b186
607a2cf3505681808a458ceb462efd4f58d0bbce8589f61244dfebdf8ed893e4
GET /upload/vod/2022/09/5nkvj1ovdko.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 3634
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5646
content-disposition: inline; filename="5nkvj1ovdko.webp"
etag: "631f4f83-160e"
last-modified: Mon, 12 Sep 2022 15:25:55 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de4caeb529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/0cesogg0n01.jpg
104.22.21.196200 OK 10 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/0cesogg0n01.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7dd4147752f9995563cf112c843e3481
c4b69c40da005e06f19948c883f3a8f2d5d3bb1e
b7b56974a42ddb1a6966764dd38641907d4a339ac1c9db5410a5932abaa8e67a
GET /upload/vod/2022/09/0cesogg0n01.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 10014
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10641
content-disposition: inline; filename="0cesogg0n01.webp"
etag: "631f4f8f-2991"
last-modified: Mon, 12 Sep 2022 15:26:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de4cb5b529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/13qtfs1u3ii.jpg
104.22.21.196200 OK 10 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/13qtfs1u3ii.jpg
IP 104.22.21.196:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash a4676b9b12cc7c85ee7f284b44c1be7b
cce00cc2f9e89d7d6f4264820fea35b785710604
bb774c0dbd6ddce4f45840d40b07f43b9c109864cdcc45fb9a317a3909e9b783
GET /upload/vod/2022/09/13qtfs1u3ii.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/jpeg
content-length: 10400
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10778, status=webp_bigger
etag: "631f4f76-2a1a"
last-modified: Mon, 12 Sep 2022 15:25:42 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae842de3ca6b529-OSL
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/static/css/white.css
45.196.99.100200 OK 14 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/css/white.css
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash aa13918be8054baf0e313aea15335f7a
8d6202bab156d60d2d375c05f51ee36a0ff54d16
0d25a9dc2d994a262a8d9716e648aa1df8f563d50e268c53457a5c1036fa5290
GET /template/m1938pc/static/css/white.css HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-25d6"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/l0ylg2jqney.jpg
104.22.21.196200 OK 5.2 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/l0ylg2jqney.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f1a5d30a092e67a0501e5443d6377cd
aedaf909b3b04ad650edf3bb8b5df7b27ca5c45d
a149741e64c067a36405511b0e566fa8f7fc67bb95dfe672aec468f5a97f2bc5
GET /upload/vod/2022/09/l0ylg2jqney.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 5166
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6624
content-disposition: inline; filename="l0ylg2jqney.webp"
etag: "631f29b7-19e0"
last-modified: Mon, 12 Sep 2022 12:44:39 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3c9db529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/jm5rhiwpj2h.jpg
104.22.21.196200 OK 5.2 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/jm5rhiwpj2h.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b02b7664f5c4afad969534c4dd4e819
2d372d3ee743cc2c67bfb287563842be0adbb22a
5026fe238bb3972f5522ef731ffcb184acd33967f7c3603377ea8a736849df37
GET /upload/vod/2022/09/jm5rhiwpj2h.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 5162
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7529
content-disposition: inline; filename="jm5rhiwpj2h.webp"
etag: "631f4f72-1d69"
last-modified: Mon, 12 Sep 2022 15:25:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3ca3b529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/xsqhi3gffpf.jpg
104.22.21.196200 OK 8.5 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/xsqhi3gffpf.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a4beb4d7f3d0de8f137120d9340853de
7d663b496c4943e3dd72ec2ed61df0d8dc8df0bd
71179a5003738456f7e871cc8ba5633fb7e6fd1f7cf673cc44752bef020c44c6
GET /upload/vod/2022/09/xsqhi3gffpf.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 8526
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11115
content-disposition: inline; filename="xsqhi3gffpf.webp"
etag: "631f4f98-2b6b"
last-modified: Mon, 12 Sep 2022 15:26:16 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de4cbab529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/xwwdotjwiyo.jpg
104.22.21.196200 OK 13 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/xwwdotjwiyo.jpg
IP 104.22.21.196:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash c5ef3705af195d836fb4e01ab026ce54
e552525b0714e943677ac7fc6fcf752e8debebe5
022bc6a55a734da201b0881b96b70d0697a66d3b210a121c996dc6a8a579f3e5
GET /upload/vod/2022/09/xwwdotjwiyo.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/jpeg
content-length: 13184
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13912, status=webp_bigger
etag: "631f29ae-3658"
last-modified: Mon, 12 Sep 2022 12:44:30 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae842de3c9ab529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/zc5grf2j51l.jpg
104.22.21.196200 OK 7.9 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/zc5grf2j51l.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6e38ef203321ff25b8f6efb3f409bbad
714295843128fdc996ac5ce93a7e621b56002841
50e95321d6f1bf27813b01f39d3c3c44b2f4cccc8b3133f5030f406a3964ca27
GET /upload/vod/2022/09/zc5grf2j51l.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 7868
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9036
content-disposition: inline; filename="zc5grf2j51l.webp"
etag: "631f29a9-234c"
last-modified: Mon, 12 Sep 2022 12:44:25 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3c99b529-OSL
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/
45.196.99.100200 OK 144 kB IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Size 144 kB (144291 bytes)
Hash 516da101f232ed05198a6509dcd39328
b301db2a279699bcbcb9a2c6aef0b0630811ff0a
b2bd5e0ea181d102e20f4a4fcd1879c8f6bd4d7974c9f94f9265802639d2776c
GET / HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.verificapaypal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/5n4kbwu11wa.jpg
104.22.21.196200 OK 9.3 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/5n4kbwu11wa.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 22ac9eac8fd66b24a729448ffec9fe92
03925f58dbd411d4e5a5414206d7c7e6f5ad141d
4945aac6268bc3e979bcbeb6de75fca9338b82e3c8a3a020a841aca2499abfc8
GET /upload/vod/2022/09/5n4kbwu11wa.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 9310
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10251
content-disposition: inline; filename="5n4kbwu11wa.webp"
etag: "631f4f87-280b"
last-modified: Mon, 12 Sep 2022 15:25:59 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de4cb4b529-OSL
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/static/js/function.js
45.196.99.100200 OK 16 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/js/function.js
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 79875a6664c2d410cf65fdc33e2980ee
55cb50f4a871554c322f903d0f6f29c85e9fe211
136c59d65df4026ffdf11b4bd298325421567e71fa1a08f0096415530eddc07c
GET /template/m1938pc/static/js/function.js HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-515a"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/static/js/common.js
45.196.99.100200 OK 16 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/js/common.js
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 9e7dfc91513563aeda69ebe9c8aa25ba
33654afa97326a9ec124c423c3179a8b5908ff0c
579097c0f11ac3abf9f08a34f867bd5bd6c7989f454d5f2439e62935956810d8
GET /template/m1938pc/static/js/common.js HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-2766"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/kxkmkxvchdc.jpg
104.22.21.196200 OK 4.8 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/kxkmkxvchdc.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 149716d07ad84c380f73878390f5803a
dba001024e21f6a6a2d3b59ae2a136037639deb2
4527c737734369fba287e9b93eb11330fe941b3ad3d9f43bba1db7af1d5256e9
GET /upload/vod/2022/09/kxkmkxvchdc.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 4756
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6672
content-disposition: inline; filename="kxkmkxvchdc.webp"
etag: "631f4f79-1a10"
last-modified: Mon, 12 Sep 2022 15:25:45 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3cabb529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/dkkdbprdune.jpg
104.22.21.196200 OK 10 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/dkkdbprdune.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d9a60b442d7d0bc3b54a925cd5db86eb
28b440af7c9400ea7e39eab2ccfa26ccfc381f7a
299951fcefbdef0ba16f9817be4adc96f0a71eff04d87c0ad6751cd67398e6ee
GET /upload/vod/2022/09/dkkdbprdune.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 10224
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10344
content-disposition: inline; filename="dkkdbprdune.webp"
etag: "631f29b2-2868"
last-modified: Mon, 12 Sep 2022 12:44:34 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3c9bb529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/uyzrbbmlidc.jpg
104.22.21.196200 OK 10 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/uyzrbbmlidc.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 323a174ec72f60c9748c76ef8ad06dff
48ad03a355a1f0923306f694364a3552f1f6b696
720b87858d766882b4f1c00c287ea71ae81546860d05ece1eaed0e0b92c0a030
GET /upload/vod/2022/09/uyzrbbmlidc.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 10150
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11290
content-disposition: inline; filename="uyzrbbmlidc.webp"
etag: "631f4f92-2c1a"
last-modified: Mon, 12 Sep 2022 15:26:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de4cb8b529-OSL
X-Firefox-Spdy: h2
www.155pic.com/upload/vod/2022/09/1l0hdeftinh.jpg
104.22.21.196200 OK 5.8 kB URL HTTP/2 www.155pic.com/upload/vod/2022/09/1l0hdeftinh.jpg
IP 104.22.21.196:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b2ef10da5e9668bdd090f0c44e4a379
b04a70d8f916ff382fa47b6f5e42714519001fd8
0cd6abcb0bf22cf880a58eb86f351c8cab4d1bc3281e2138b7e74c3ff9adb1e3
GET /upload/vod/2022/09/1l0hdeftinh.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/webp
content-length: 5824
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7700
content-disposition: inline; filename="1l0hdeftinh.webp"
etag: "631f29a1-1e14"
last-modified: Mon, 12 Sep 2022 12:44:17 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 7ae842de3c95b529-OSL
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8e931a37002c96d905fe6c401ed184d1
01b5c9d4955811a624b55b71946b015b69c1f24a
90103c08cbd91433fbfc88ce2daca2e7470f83b0066a53bb8269c6546bc29b35
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 22:47:19 GMT
Expires: Fri, 31 Mar 2023 22:47:18 GMT
Etag: "01b5c9d4955811a624b55b71946b015b69c1f24a"
Cache-Control: max-age=386454,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae842e088f6b524-OSL
hm.baidu.com/hm.js?01113d70ebc313d3f7c8af24331c8e4f
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?01113d70ebc313d3f7c8af24331c8e4f
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 9508875fd094ec454f454900c3484283
701bdb54370c7d942020cb920a44e7fab592d096
1444542168bc15d212b1294b901dd5ba097f2f04e19981655ca5fa2b6e4c8d98
GET /hm.js?01113d70ebc313d3f7c8af24331c8e4f HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Mon, 27 Mar 2023 14:18:11 GMT
Etag: 838286731eb91c27f72bf29136c4740a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2785C14EF88E25A0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
img.1795a.com/images/63f8582ecbc7ef2e7faabbf5.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.1795a.com/images/63f8582ecbc7ef2e7faabbf5.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/63f8582ecbc7ef2e7faabbf5.gif HTTP/1.1
Host: img.1795a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan24.com/loveimgmoe/10/1b/636b552214dd2ea30a79101b.gif
X-Firefox-Spdy: h2
img.2332a.com/images/63f857cccbc7ef2e7faabbf2.gif
3.36.126.81302 Found 0 B URL HTTP/2 img.2332a.com/images/63f857cccbc7ef2e7faabbf2.gif
IP 3.36.126.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/63f857cccbc7ef2e7faabbf2.gif HTTP/1.1
Host: img.2332a.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
referrer-policy: no-referrer
cache-control: max-age=600
location: https://img.mengzhan24.com/loveimgmoe/6c/85/6319c0d8f74eb42056026c85.gif
X-Firefox-Spdy: h2
img.mengzhan24.com/loveimgmoe/10/1b/636b552214dd2ea30a79101b.gif
172.67.24.77200 OK 430 kB URL HTTP/2 img.mengzhan24.com/loveimgmoe/10/1b/636b552214dd2ea30a79101b.gif
IP 172.67.24.77:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 430 kB (430451 bytes)
Hash ce656b314ab5bae63751a348c3a20091
2f5cc0ba548048be7f103e994e03fecedb58dd75
2698347346cd575b327aa85cde78dc6db77bb5f963c0976d83a5e78d6bd3374d
GET /loveimgmoe/10/1b/636b552214dd2ea30a79101b.gif HTTP/1.1
Host: img.mengzhan24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:12 GMT
content-type: image/jpeg
content-length: 430451
cache-control: max-age=2678400
last-modified: Sat, 18 Mar 2023 16:43:18 GMT
cf-cache-status: HIT
age: 271988
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7ae842e19c321c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8e931a37002c96d905fe6c401ed184d1
01b5c9d4955811a624b55b71946b015b69c1f24a
90103c08cbd91433fbfc88ce2daca2e7470f83b0066a53bb8269c6546bc29b35
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 24 Mar 2023 22:47:19 GMT
Expires: Fri, 31 Mar 2023 22:47:18 GMT
Etag: "01b5c9d4955811a624b55b71946b015b69c1f24a"
Cache-Control: max-age=386454,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae842e079c60b4d-OSL
img.mengzhan24.com/loveimgmoe/6c/85/6319c0d8f74eb42056026c85.gif
172.67.24.77200 OK 498 kB URL HTTP/2 img.mengzhan24.com/loveimgmoe/6c/85/6319c0d8f74eb42056026c85.gif
IP 172.67.24.77:0
File type GIF image data, version 89a, 960 x 70\012- data
Size 498 kB (497844 bytes)
Hash 9d43f768f1897d7d3fd5ba803e1a770a
ff8fb3f427df7b6cfef65fcae162e0abab9474a4
00fe4f1ccfc623639abadf4e745aca22b946365e932a7a794d6c108fee0d85af
GET /loveimgmoe/6c/85/6319c0d8f74eb42056026c85.gif HTTP/1.1
Host: img.mengzhan24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:12 GMT
content-type: image/jpeg
content-length: 497844
cache-control: max-age=2678400
last-modified: Sat, 18 Mar 2023 16:42:38 GMT
cf-cache-status: HIT
age: 54957
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7ae842e19c3e1c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
228tuchuang.com/960x120.gif
23.224.27.253200 OK 174 kB URL HTTP/1.1 228tuchuang.com/960x120.gif
IP 23.224.27.253:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 174 kB (173842 bytes)
Hash 3e8c3a6a5aa9f9c64883cd1c97e1bc82
fa46906673f0aabc73354bcc8d1ba680cbeb3e3a
94feaaab985537f58a5339bf967bee4ce167f3803928e402c53c4f1e1231e86e
GET /960x120.gif HTTP/1.1
Host: 228tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:11 GMT
Content-Type: image/gif
Content-Length: 173842
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 06:49:35 GMT
ETag: "6401987f-2a712"
Expires: Thu, 20 Apr 2023 21:17:35 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
47.246.44.252200 OK 9.2 kB URL HTTP/2 img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
IP 47.246.44.252:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 43ae14560cdbc69ce960a28002f04309
4dc694c2754882f840c77807016676732c38138b
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
GET /imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 9166
date: Tue, 10 May 2022 07:04:29 GMT
last-modified: Fri, 13 Aug 2021 10:28:00 GMT
picasso-ret-code: SUCCESS
request-time: 0.160
expires: Wed, 10 May 2023 07:04:29 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1652166269
via: cache31.l2ot7-1[0,1,200-0,H], cache21.l2ot7-1[2,0], cache1.se1[0,0,200-0,H], cache5.se1[1,0]
access-control-allow-origin: *
age: 27760423
x-cache: HIT TCP_MEM_HIT dirn:4:129571929
x-swift-savetime: Sun, 12 Feb 2023 10:08:36 GMT
x-swift-cachetime: 7505753
s-rt: 1
timing-allow-origin: *
eagleid: 2ff62c9916799266921852745e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecce93d92989688a9a1655276dd49ca9
072f4c29816576f8b6439acf1745a2b00e1c73af
da72353c6d448bccd8fda7c3ba399e961f508976e3a526f3ab3928fbf1051904
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA72353C6D448BCCD8FDA7C3BA399E961F508976E3A526F3AB3928FBF1051904"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10664
Expires: Mon, 27 Mar 2023 17:15:56 GMT
Date: Mon, 27 Mar 2023 14:18:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecce93d92989688a9a1655276dd49ca9
072f4c29816576f8b6439acf1745a2b00e1c73af
da72353c6d448bccd8fda7c3ba399e961f508976e3a526f3ab3928fbf1051904
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA72353C6D448BCCD8FDA7C3BA399E961F508976E3A526F3AB3928FBF1051904"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10664
Expires: Mon, 27 Mar 2023 17:15:56 GMT
Date: Mon, 27 Mar 2023 14:18:12 GMT
Connection: keep-alive
ocsp.usertrust.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash cf367841dfab6b565580d1fad0b7a21d
23897e81265ef33edd4b176710af490304e16be2
1fb59da3c3aa0429cf30bd1a7485749d7400ce28dffe41ebe2b62fdd1d6fdb45
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 14:18:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 03:05:41 GMT
Expires: Sun, 02 Apr 2023 03:05:40 GMT
Etag: "23897e81265ef33edd4b176710af490304e16be2"
Cache-Control: max-age=488356,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae842e14a17b524-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecce93d92989688a9a1655276dd49ca9
072f4c29816576f8b6439acf1745a2b00e1c73af
da72353c6d448bccd8fda7c3ba399e961f508976e3a526f3ab3928fbf1051904
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA72353C6D448BCCD8FDA7C3BA399E961F508976E3A526F3AB3928FBF1051904"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10641
Expires: Mon, 27 Mar 2023 17:15:33 GMT
Date: Mon, 27 Mar 2023 14:18:12 GMT
Connection: keep-alive
587tuchuang.com/960x120.gif
23.224.27.252200 OK 54 kB URL HTTP/2 587tuchuang.com/960x120.gif
IP 23.224.27.252:0
File type GIF image data, version 89a, 960 x 120\012- data
Hash 1b0debb707f7274e95ae467969832663
7787ea12e377677eccfcbba7f7fc14b18602ddad
688c201ad0040278d8431382eeeb71ea318699cc7d4ccf167132e5818473d55f
GET /960x120.gif HTTP/1.1
Host: 587tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/gif
content-length: 53701
last-modified: Thu, 15 Dec 2022 13:32:00 GMT
etag: "639b21d0-d1c5"
expires: Thu, 20 Apr 2023 21:17:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
5976tp1.com/x200-200.gif
162.250.140.22200 OK 181 kB IP 162.250.140.22:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 181 kB (181191 bytes)
Hash a58962d2f2711e16409d5d59077f3aaf
9a1ac09361751b738fad55bc1886b2bc62806c3d
373b70a22d7acf449825f9345a59951ee5179ae6a98562febfb3f93e5fa680bf
GET /x200-200.gif HTTP/1.1
Host: 5976tp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 14:18:27 GMT
Content-Type: image/gif
Content-Length: 181191
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 03:01:53 GMT
ETag: "63f6d721-2c3c7"
Expires: Sat, 25 Mar 2023 04:10:28 GMT
Cache-Control: max-age=2592000
Via: 162.250.140.18
CDN-Cache: HIT
Accept-Ranges: bytes
587tuchuang.com/200x200.gif
23.224.27.252200 OK 28 kB URL HTTP/2 587tuchuang.com/200x200.gif
IP 23.224.27.252:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 522db5903163ecd827ad83b0e2fc76b8
f781736eada01ec1416bea7dfd1e0e5a19fb5c53
7c5e31f913860f6faf785df79a59f149319c62c099449129712b0b81e20653c2
GET /200x200.gif HTTP/1.1
Host: 587tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/gif
content-length: 27469
last-modified: Wed, 21 Dec 2022 13:19:01 GMT
etag: "63a307c5-6b4d"
expires: Thu, 20 Apr 2023 21:17:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
5976tp1.com/x300-160.gif
162.250.140.22200 OK 118 kB IP 162.250.140.22:0
File type GIF image data, version 89a, 300 x 160\012- data
Size 118 kB (118136 bytes)
Hash ad11a3cf29281f392004aeaaeb0740fe
5c63e894a2aa8959220f74d449b57be92085d4d5
088cab485c8f42bc5e49c23e6eff59a8f7e155cff644f7cac49652928fa827ce
GET /x300-160.gif HTTP/1.1
Host: 5976tp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 14:18:27 GMT
Content-Type: image/gif
Content-Length: 118136
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 03:01:54 GMT
ETag: "63f6d722-1cd78"
Expires: Sat, 25 Mar 2023 03:44:14 GMT
Cache-Control: max-age=2592000
Via: 162.250.140.18
CDN-Cache: HIT
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1066776343&si=01113d70ebc313d3f7c8af24331c8e4f&su=http%3A%2F%2Fwww.verificapaypal.com%2F&v=1.3.0&lv=1&sn=2520&r=0&ww=1268&u=https%3A%2F%2Fahjend.dsjenufer.com%2F&tt=%E4%B9%85%E4%B9%85%E5%BD%B1%E9%99%A2www.jjxx88.com
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1066776343&si=01113d70ebc313d3f7c8af24331c8e4f&su=http%3A%2F%2Fwww.verificapaypal.com%2F&v=1.3.0&lv=1&sn=2520&r=0&ww=1268&u=https%3A%2F%2Fahjend.dsjenufer.com%2F&tt=%E4%B9%85%E4%B9%85%E5%BD%B1%E9%99%A2www.jjxx88.com
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1066776343&si=01113d70ebc313d3f7c8af24331c8e4f&su=http%3A%2F%2Fwww.verificapaypal.com%2F&v=1.3.0&lv=1&sn=2520&r=0&ww=1268&u=https%3A%2F%2Fahjend.dsjenufer.com%2F&tt=%E4%B9%85%E4%B9%85%E5%BD%B1%E9%99%A2www.jjxx88.com HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 27 Mar 2023 14:18:12 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=783E62AFEAF21981; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
amwnsr2.oss-cn-hongkong.aliyuncs.com/zhandiantupian/weinisr960x60.gif
47.75.19.127200 OK 466 kB URL HTTP/1.1 amwnsr2.oss-cn-hongkong.aliyuncs.com/zhandiantupian/weinisr960x60.gif
IP 47.75.19.127:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 466 kB (466231 bytes)
Hash 2d5acfdeae9aa51b650a22e6cfe80eab
f3da6f58d7e2e93ac3b1a80e2a33d97809d407dd
51d3ee5801161b7a25ee9c244177cb229ae94864ea578fa36e113b2a8afb0d41
GET /zhandiantupian/weinisr960x60.gif HTTP/1.1
Host: amwnsr2.oss-cn-hongkong.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Mon, 27 Mar 2023 14:18:10 GMT
Content-Type: image/gif
Content-Length: 466231
Connection: keep-alive
x-oss-request-id: 6421A5A223C0543735C67D68
Accept-Ranges: bytes
ETag: "2D5ACFDEAE9AA51B650A22E6CFE80EAB"
Last-Modified: Tue, 21 Mar 2023 09:15:13 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 25875504806329940
x-oss-storage-class: Standard
Content-Disposition: attachment=file
x-oss-version-id: null
Content-MD5: LVrP3q6apRtlCiLmz+gOqw==
x-oss-server-time: 2
ahjend.dsjenufer.com/template/m1938pc/static/css/zui.css
45.196.99.100200 OK 32 kB URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/css/zui.css
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
Hash afcec315f773fb1ce908b4a03c1b276c
ffc5bfafc9af3384efba5e75cde22906a8a89d49
876be8a318f30e95f6a2503ebf760311ac431f0089fd3fee22d9687585f87f0d
GET /template/m1938pc/static/css/zui.css HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-19030"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
1325604.com/tp/64x64.gif
162.250.141.227200 OK 54 kB IP 162.250.141.227:0
File type GIF image data, version 89a, 64 x 64\012- data
Hash 1bcb54537053d4d54351f11bfe8cbfbc
aa9024e163457e1a00a2d1703c551e310486c962
64135521bbd55fc77e746427ab4c211d484f2e2f1d73388b1a8586f9a7ed91b6
GET /tp/64x64.gif HTTP/1.1
Host: 1325604.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:12 GMT
content-type: image/gif
content-length: 53813
last-modified: Sun, 11 Dec 2022 07:19:32 GMT
etag: "63958484-d235"
expires: Wed, 26 Apr 2023 14:18:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
683tuchuang.com/200x200.gif
23.224.27.252200 OK 26 kB URL HTTP/2 683tuchuang.com/200x200.gif
IP 23.224.27.252:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 26a1927f8c2511e3a0d092826534489c
d5f66cdfa15a72c9a64f895ddd8d077893a69403
ab9fed67d408e7cb72b8997ba8d2f4a532f10f62d0233d4f02f04e97c0ff1935
GET /200x200.gif HTTP/1.1
Host: 683tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:12 GMT
content-type: image/gif
content-length: 25898
last-modified: Wed, 21 Dec 2022 13:20:55 GMT
etag: "63a30837-652a"
expires: Thu, 20 Apr 2023 21:17:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
595tuchuang.com/960x80.gif
23.224.27.252200 OK 145 kB URL HTTP/2 595tuchuang.com/960x80.gif
IP 23.224.27.252:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:11 GMT
content-type: image/gif
content-length: 144990
last-modified: Wed, 21 Dec 2022 13:28:21 GMT
etag: "63a309f5-2365e"
expires: Thu, 20 Apr 2023 21:17:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
683tuchuang.com/960x120.gif
23.224.27.252200 OK 132 kB URL HTTP/2 683tuchuang.com/960x120.gif
IP 23.224.27.252:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 132 kB (131626 bytes)
Hash 57fed77003db9bd71efaf63b28d3403e
72c38f28c54ce67c3eadefcbd17178fdb585d0f6
9e9ec958affca72c932bba76af6e039c9ea9911140c46df10a5e490aec7be0ae
GET /960x120.gif HTTP/1.1
Host: 683tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 14:18:12 GMT
content-type: image/gif
content-length: 131626
last-modified: Sat, 04 Feb 2023 12:11:08 GMT
etag: "63de4b5c-2022a"
expires: Thu, 20 Apr 2023 21:17:31 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
669aaa.us/b9eb46008eff41cea1e0baa1deadd7f9.gif
103.170.15.90200 OK 535 kB URL HTTP/1.1 669aaa.us/b9eb46008eff41cea1e0baa1deadd7f9.gif
IP 103.170.15.90:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 535 kB (535167 bytes)
Hash 28099e38f8c7e002553955e950a6f507
e52446e82f61cb8a48a0d38a06c95221168373dc
0444cfb5c99115355c739c2a660f75ac7090d15e5814893a384efdebd28f4dd9
GET /b9eb46008eff41cea1e0baa1deadd7f9.gif HTTP/1.1
Host: 669aaa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63f37475-82a7f"
Date: Tue, 21 Mar 2023 06:38:18 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 20 Feb 2023 13:24:05 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-20
Content-Length: 535167
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfff2233de757da3e71f8ac08a442a22
fb2226ac504759d7e5abc268c1e0c426024f512f
32d2fab2f25c590ec29ad7a4755aa56a58e378da0b72932b19a1567753896186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32D2FAB2F25C590EC29AD7A4755AA56A58E378DA0B72932B19A1567753896186"
Last-Modified: Sat, 25 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4786
Expires: Mon, 27 Mar 2023 15:37:58 GMT
Date: Mon, 27 Mar 2023 14:18:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfff2233de757da3e71f8ac08a442a22
fb2226ac504759d7e5abc268c1e0c426024f512f
32d2fab2f25c590ec29ad7a4755aa56a58e378da0b72932b19a1567753896186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32D2FAB2F25C590EC29AD7A4755AA56A58E378DA0B72932B19A1567753896186"
Last-Modified: Sat, 25 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4786
Expires: Mon, 27 Mar 2023 15:37:58 GMT
Date: Mon, 27 Mar 2023 14:18:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfff2233de757da3e71f8ac08a442a22
fb2226ac504759d7e5abc268c1e0c426024f512f
32d2fab2f25c590ec29ad7a4755aa56a58e378da0b72932b19a1567753896186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32D2FAB2F25C590EC29AD7A4755AA56A58E378DA0B72932B19A1567753896186"
Last-Modified: Sat, 25 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4786
Expires: Mon, 27 Mar 2023 15:37:58 GMT
Date: Mon, 27 Mar 2023 14:18:12 GMT
Connection: keep-alive
6651tp.com/230X140.gif
162.250.141.238200 OK 49 kB IP 162.250.141.238:0
File type GIF image data, version 89a, 230 x 140\012- data
Hash 9678fab712f81c5308f111189308d46b
00c414eecefd48ebadb6516741070952bfde304f
8bd9ea621c0b1c7d59c0a42621c5106dd970bca90c70982509073d98e322bd78
GET /230X140.gif HTTP/1.1
Host: 6651tp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 06:01:43 GMT
Content-Type: image/gif
Content-Length: 49412
Connection: keep-alive
Last-Modified: Sun, 12 Mar 2023 08:52:52 GMT
ETag: "640d92e4-c104"
Expires: Wed, 26 Apr 2023 05:08:18 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.234
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CDN-Cache: HIT
Accept-Ranges: bytes
5976tp1.com/x960-60.gif
162.250.140.22200 OK 417 kB IP 162.250.140.22:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 417 kB (416832 bytes)
Hash de3a6e038e3ae224477adc9249f17489
e95f0545feccd02770b26a4cf88facb5f1933c2a
b0406c22e53fb4e387f3954b4d8b55d3ab73b5f1cd97933518b5db88bf7f283d
GET /x960-60.gif HTTP/1.1
Host: 5976tp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 14:18:27 GMT
Content-Type: image/gif
Content-Length: 416832
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 03:07:06 GMT
ETag: "63f6d85a-65c40"
Expires: Sat, 25 Mar 2023 03:13:21 GMT
Cache-Control: max-age=2592000
Via: 162.250.140.18
CDN-Cache: HIT
Accept-Ranges: bytes
569bbb.us/d6b3364958a84afeaff720b4bc6b0d06.gif
103.170.15.95200 OK 479 kB URL HTTP/1.1 569bbb.us/d6b3364958a84afeaff720b4bc6b0d06.gif
IP 103.170.15.95:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 479 kB (479291 bytes)
Hash 2ed84481fa98bd25050eecac92ced6db
2e9a11b0bedacef61fb5385176470000ef450b81
caa022285396e4021d71e2a45199d9d705d8a92184c8e1a8e48c0f4a50ca52f5
GET /d6b3364958a84afeaff720b4bc6b0d06.gif HTTP/1.1
Host: 569bbb.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "641c3a71-7503b"
Date: Thu, 23 Mar 2023 11:50:49 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 23 Mar 2023 11:39:29 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-25
Content-Length: 479291
668aaa.us/91f1637fa79644e5ba8dcdbd1d7b8368.gif
103.170.15.100200 OK 577 kB URL HTTP/1.1 668aaa.us/91f1637fa79644e5ba8dcdbd1d7b8368.gif
IP 103.170.15.100:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 60\012- data
Size 577 kB (577413 bytes)
Hash f64cbeb43b40a06a467d403c4ee8f584
87df926cfc971f9af3784707b24eaf97a7acdf2a
0b374b57ebcf263193d88c13eddb10aecc4e3e9ce6b0bba17fc9cb0b053bf438
GET /91f1637fa79644e5ba8dcdbd1d7b8368.gif HTTP/1.1
Host: 668aaa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63f3744d-8cf85"
Date: Mon, 06 Mar 2023 18:08:05 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 20 Feb 2023 13:23:25 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-30
Content-Length: 577413
6651tp.com/51201.gif
162.250.141.238200 OK 69 kB IP 162.250.141.238:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash f14a2a49d4999943713f49b985312035
c6715918b4408f1d173a0e4d96c47101a4f0f564
23fbe3b88384304f372771a3c7dc029fd4ebe7fa46d1f65a09438af1c8f82101
GET /51201.gif HTTP/1.1
Host: 6651tp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 06:01:43 GMT
Content-Type: image/gif
Content-Length: 69137
Connection: keep-alive
Last-Modified: Fri, 10 Jun 2022 08:07:02 GMT
ETag: "62a2fba6-10e11"
Expires: Wed, 26 Apr 2023 05:08:09 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.234
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CDN-Cache: HIT
Accept-Ranges: bytes
1325604.com/tp/350x150.gif
162.250.141.227200 OK 152 kB URL HTTP/2 1325604.com/tp/350x150.gif
IP 162.250.141.227:0
File type GIF image data, version 89a, 250 x 140\012- data
Size 152 kB (151908 bytes)
Hash 546a5b61f4b5aa8c0c41c8b67614e30d
1b5ba1fca71cdeed30c34a819109300c6f41e1fb
3f89c05b8a60b9204b5bae8605fd0103e691d8a53c48e42cd9b2e824eea3fe94
GET /tp/350x150.gif HTTP/1.1
Host: 1325604.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:12 GMT
content-type: image/gif
content-length: 151908
last-modified: Tue, 13 Dec 2022 08:14:29 GMT
etag: "63983465-25164"
expires: Wed, 26 Apr 2023 14:18:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
729bbb.us/3432aed63421494e8e8099fa7e90047d.gif
45.61.212.47200 OK 692 kB URL HTTP/1.1 729bbb.us/3432aed63421494e8e8099fa7e90047d.gif
IP 45.61.212.47:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 692 kB (692533 bytes)
Hash 8e3eaf1ac1ccef120298b70e62c364fb
4d4f187c76fe6392c7ef301e717e65a302998ea4
9440b419c421d82dbbbe1696dfeaa15d0c61d44602989e11cae29cf214657d7f
GET /3432aed63421494e8e8099fa7e90047d.gif HTTP/1.1
Host: 729bbb.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "641c3a9a-a9135"
Date: Thu, 23 Mar 2023 11:55:42 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 23 Mar 2023 11:40:10 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us1-cdnb-17
Content-Length: 692533
1325602.com/tp/960x60.gif
162.250.141.227200 OK 151 kB URL HTTP/2 1325602.com/tp/960x60.gif
IP 162.250.141.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 151 kB (150901 bytes)
Hash 0b31981c2c86f1ff310c1d4e1f91a2e6
62f35a90e101be846da894898bf0a4053f68ec57
7f9c781bca1382598a08eb7ffd85994f3ec61214cfb7e6b0e049ef6926573274
GET /tp/960x60.gif HTTP/1.1
Host: 1325602.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:12 GMT
content-type: image/gif
content-length: 150901
last-modified: Sat, 11 Mar 2023 05:21:44 GMT
etag: "640c0fe8-24d75"
expires: Wed, 26 Apr 2023 14:18:12 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
7780tp.com/7780/230x140.gif
162.250.141.134200 OK 47 kB URL HTTP/1.1 7780tp.com/7780/230x140.gif
IP 162.250.141.134:0
File type GIF image data, version 89a, 230 x 140\012- data
Hash 5ad89d5418c335bb181a81f36a7546d7
bd23c64356ad1e52d60c6c8a4d5725bd4657b10e
b4f2e5f6a59fc91236c66c1b842d645ca129140f0dff5f426f268119f1935a76
GET /7780/230x140.gif HTTP/1.1
Host: 7780tp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 14:19:36 GMT
Content-Type: image/gif
Content-Length: 47014
Connection: keep-alive
Last-Modified: Sun, 12 Mar 2023 08:53:59 GMT
ETag: "640d9327-b7a6"
Expires: Mon, 24 Apr 2023 06:51:01 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.130
CDN-Cache: HIT
Accept-Ranges: bytes
6651tp.com/960x601.gif
162.250.141.238200 OK 375 kB IP 162.250.141.238:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 375 kB (375218 bytes)
Hash b309e9da966de0d4a238500739d197ca
d55a4dc8dcba02c22d00d813639736aca7341a3f
080513b67d85d5248aed136dee1c153ad32d6ed3d78c442fed6cb9925ba6f0cf
GET /960x601.gif HTTP/1.1
Host: 6651tp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 06:01:43 GMT
Content-Type: image/gif
Content-Length: 375218
Connection: keep-alive
Last-Modified: Wed, 01 Mar 2023 07:27:49 GMT
ETag: "63fefe75-5b9b2"
Expires: Wed, 26 Apr 2023 05:08:09 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.234
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CDN-Cache: HIT
Accept-Ranges: bytes
7780tp.com/7780/200x200.gif
162.250.141.134200 OK 138 kB URL HTTP/1.1 7780tp.com/7780/200x200.gif
IP 162.250.141.134:0
File type GIF image data, version 89a, 200 x 200\012- data
Size 138 kB (138064 bytes)
Hash 92642fd33874c1216aad03a59dcc06c4
d8e490493b6a1234a54753fb137b0dc862067f4d
ddfc153ed631463186efeda5eae0ab9ea6001d820159b6e123025707cecbc765
GET /7780/200x200.gif HTTP/1.1
Host: 7780tp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 14:19:36 GMT
Content-Type: image/gif
Content-Length: 138064
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 06:19:45 GMT
ETag: "62ba9d81-21b50"
Expires: Mon, 24 Apr 2023 06:50:56 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.130
CDN-Cache: HIT
Accept-Ranges: bytes
7780tp.com/7780/960x60.gif
162.250.141.134200 OK 185 kB URL HTTP/1.1 7780tp.com/7780/960x60.gif
IP 162.250.141.134:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 185 kB (184813 bytes)
Hash f0ea18fc6324c7504f77ccb888f7756e
b85b3cd8353050629e20c582e8b3779a5b94e039
f7f58ea13c0cca2247c100fb79ffbff3bd13f6e88c1bc957eee5ae319ee4915a
GET /7780/960x60.gif HTTP/1.1
Host: 7780tp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 27 Mar 2023 14:19:36 GMT
Content-Type: image/gif
Content-Length: 184813
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 08:55:40 GMT
ETag: "631aff8c-2d1ed"
Expires: Mon, 24 Apr 2023 06:50:53 GMT
Cache-Control: max-age=2592000
Via: 162.250.141.130
CDN-Cache: HIT
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fe22c0b-0401-4cf6-a9bc-c63ccf292653.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fe22c0b-0401-4cf6-a9bc-c63ccf292653.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c660b11ada212059e6c18ad2564c623
024eb67ef3fdaa5fa7a4c078c38c9a74abe1e55a
8246fe35d92388a42b7072424babdb3c63d5ad7ae2272167b43b95ddd65cdda2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fe22c0b-0401-4cf6-a9bc-c63ccf292653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10776
x-amzn-requestid: 3a164a3b-9ac4-47fa-9ea6-06b8b8104404
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRkW1FnAoAMF5Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4dc5-6518cb0a53a987d127302d6b;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:14:13 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: RXSSlAHyt237PB6U7YFJVRgVEsqWELZY_mVxOUglMa_Kqo1Jo-_WvA==
via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 09:06:23 GMT
age: 18710
etag: "024eb67ef3fdaa5fa7a4c078c38c9a74abe1e55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/05.gif
45.196.99.100200 OK 0 B URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/05.gif
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
GET /template/m1938pc/html9/awww/jjkk/05.gif HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: image/gif
content-length: 119145
last-modified: Thu, 23 Mar 2023 06:44:02 GMT
etag: "641bf532-1d169"
expires: Wed, 26 Apr 2023 14:18:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
gd319.com/960x60.gif
162.253.67.146200 OK 0 B IP 162.253.67.146:0
GET /960x60.gif HTTP/1.1
Host: gd319.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 06:14:47 GMT
content-type: image/gif
content-length: 241995
last-modified: Fri, 24 Mar 2023 03:12:12 GMT
etag: "641d150c-3b14b"
expires: Wed, 26 Apr 2023 06:14:47 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/06.png
45.196.99.100200 OK 0 B URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/06.png
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
GET /template/m1938pc/html9/awww/jjkk/06.png HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: image/png
content-length: 63925
last-modified: Thu, 23 Mar 2023 06:44:03 GMT
etag: "641bf533-f9b5"
expires: Wed, 26 Apr 2023 14:18:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/static/css/swiper.min.css
45.196.99.100200 OK 0 B URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/static/css/swiper.min.css
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
GET /template/m1938pc/static/css/swiper.min.css HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ahjend.dsjenufer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:35:42 GMT
vary: Accept-Encoding
etag: W/"624d50de-4562"
expires: Tue, 28 Mar 2023 02:18:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/01.gif
45.196.99.100200 OK 0 B URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/01.gif
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
GET /template/m1938pc/html9/awww/jjkk/01.gif HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: image/gif
content-length: 221303
last-modified: Thu, 23 Mar 2023 06:43:58 GMT
etag: "641bf52e-36077"
expires: Wed, 26 Apr 2023 14:18:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/02.gif
45.196.99.100200 OK 0 B URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/02.gif
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
GET /template/m1938pc/html9/awww/jjkk/02.gif HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: image/gif
content-length: 887927
last-modified: Thu, 23 Mar 2023 06:44:01 GMT
etag: "641bf531-d8c77"
expires: Wed, 26 Apr 2023 14:18:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/03.png
45.196.99.100200 OK 0 B URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/03.png
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
GET /template/m1938pc/html9/awww/jjkk/03.png HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: image/png
content-length: 151098
last-modified: Thu, 23 Mar 2023 06:44:01 GMT
etag: "641bf531-24e3a"
expires: Wed, 26 Apr 2023 14:18:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/04.gif
45.196.99.100200 OK 0 B URL HTTP/2 ahjend.dsjenufer.com/template/m1938pc/html9/awww/jjkk/04.gif
IP 45.196.99.100:0
ASN #134548 DXTL Tseung Kwan O Service
GET /template/m1938pc/html9/awww/jjkk/04.gif HTTP/1.1
Host: ahjend.dsjenufer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 14:18:08 GMT
content-type: image/gif
content-length: 42427
last-modified: Thu, 23 Mar 2023 06:44:02 GMT
etag: "641bf532-a5bb"
expires: Wed, 26 Apr 2023 14:18:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2