r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13181
Expires: Tue, 07 Feb 2023 15:36:11 GMT
Date: Tue, 07 Feb 2023 11:56:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5699
Expires: Tue, 07 Feb 2023 13:31:29 GMT
Date: Tue, 07 Feb 2023 11:56:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20901
Expires: Tue, 07 Feb 2023 17:44:51 GMT
Date: Tue, 07 Feb 2023 11:56:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 11:34:08 GMT
content-type: application/json
age: 1342
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AEX4PqUMnwE1PJNo68FWFtv4uYH2dat0lst7OFDbgFgjqzgixyXVUs2YMxkFAOu+8A7/WLG6A1o=
x-amz-request-id: TMBMPPYZPR00Z2X3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 11:45:33 GMT
age: 657
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 11:56:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fziccordim.cyou/
172.67.185.80200 OK 55 kB IP 172.67.185.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2028), with CRLF, LF line terminators
Hash 7f2286d220193b75ffd660fa168b3566
668459a70176b3e5f6713e0072637cd1c0604cdf
8797a10969cc6d4b9942fcb21d7463cc95e72e4d83253a04267bceb23add9d11
GET / HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rbtkSnNSXVRiyWxK%2Fi6aICcIPkLvvQbonZKNddRLIUh3V2zzs2aRqRQTEfHblLs2%2FEQsSPNOMgrOVu7lBMgcUM1anEaiSSBWw2Bh8ssr5oKcoHKGjCaFJ2rZ1GsdJeyTqI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 795bf1509a4eb523-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 11:14:52 GMT
age: 2498
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy8yMDE4LWhlYWRlci13ZWF0aGVyLmpz.js
172.67.185.80200 OK 1.8 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy8yMDE4LWhlYWRlci13ZWF0aGVyLmpz.js
IP 172.67.185.80:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 64e252101b03864c6895235857e7d77d
aeb3d3b5557f1ca7a0afdc8203e127af4d267e8c
6c38bc83f9e2c5ee27f1997a580b53b222eaed9ea89c5e1cad6c4a9423cf8400
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy8yMDE4LWhlYWRlci13ZWF0aGVyLmpz.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:30 GMT
Content-Length: 1760
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:30 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i4621bPI8GCwFze8J%2Fkdq7i5fQS8b8zvgGq%2FvylbyBTcREv4V%2BOrX8bcIDb9MGE8N0wjLBzOWxP2UFyq1Se2ejPvRFrjmi2tj0VAzAQmkmWeajbDKrTPJ9Nr8RpuRxTKpE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1544e6b0b4d-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9oZWFkZXJfbWFycXVlZS5qcw==.js
172.67.185.80200 OK 4.8 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9oZWFkZXJfbWFycXVlZS5qcw==.js
IP 172.67.185.80:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 5c461cae5b8339067d433b41aa7aa7fd
f907044e47c37fb6255cbccb76c1f9280d97734a
705ba2ccfc7632a3f2d38ef2b1a92a61c2b467c4d1e5a2f9cb2136d870f58468
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9oZWFkZXJfbWFycXVlZS5qcw==.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 4763
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:30 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ansaOstKjt57hOIMyXoqGj61FSH%2Bmo9kRPKj9n%2BwYddtqODA5ZIvrI2T2OwfkQmR%2B6y848GaoUrDg9KioJGCVx%2FBNChebQmq0EhoBMlPS%2BK9Mgats9SQBn2%2FFc0206O0zA4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15449330b41-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9qcXVlcnktc2Nyb2xsYm94L2pxdWVyeS5zY3JvbGxib3guanM=.js
172.67.185.80200 OK 6.5 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9qcXVlcnktc2Nyb2xsYm94L2pxdWVyeS5zY3JvbGxib3guanM=.js
IP 172.67.185.80:0
Hash a2884076f6d95cb5dec3ced0f2a888b8
a2a0479722424aadd743f9bbf9aa704c97904815
a3d3546058b19f26e896c25fc9d73cb4fbc7ee902265ae71c2f65651dad8a733
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9qcXVlcnktc2Nyb2xsYm94L2pxdWVyeS5zY3JvbGxib3guanM=.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 6460
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZnn%2BU774M6sHXF%2Bm7051%2B9j%2BPJuNb59KdKZ744se6kp82ftqjczfg4e7dwcVN2JB8IXdf7AoulDzKImukury94Zh7EbIIAhl%2Fqf7D3Mi0cfCU5eTQkjzLd%2FE9x2Ak1ZPNA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1544fae1c0e-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3960
Expires: Tue, 07 Feb 2023 13:02:31 GMT
Date: Tue, 07 Feb 2023 11:56:31 GMT
Connection: keep-alive
fziccordim.cyou/out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9pbmRleC9qcy9qcXVlcnktMy42LjAubWluLmpz.js
172.67.185.80200 OK 90 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9pbmRleC9qcy9qcXVlcnktMy42LjAubWluLmpz.js
IP 172.67.185.80:0
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9pbmRleC9qcy9qcXVlcnktMy42LjAubWluLmpz.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rK%2BgVfjLIFfMJPA9GOvYWVoDVpwcb5B%2FzcBpoWpis5Vc6zURQ0LU1NQe69HEMe3vzsaAhgpe%2BwZLDatLTPk%2BGF3gbos3u0M0gdc5uAjlz8OdupC%2FCSwOvL4Qp6bQI75DNOQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1544b040afa-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzaW5nbGUtcmVsLWxhenlsb2FkLmpz.js
172.67.185.80200 OK 1.2 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzaW5nbGUtcmVsLWxhenlsb2FkLmpz.js
IP 172.67.185.80:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f810d72a6675fa936fdb17d63a7c4fd0
59efb1dda6e6cbe42dccbff0492de6b6c28976b9
4f8c9cb102d1f8e27cc19051629f932e8d250833b3291c62a6f35c93d4785e6b
GET /out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzaW5nbGUtcmVsLWxhenlsb2FkLmpz.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 1154
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQS82hXRcgsQLYlN63wMWtnfjqlCm3X1EqSDrgORIcY0U5MP8SMDXS3maWq0wZH9BlkJIc%2Fb8umUSIjXYRAWw8MHERLhMZDm3z613v9iz3zOfv6SMqVE%2FASthNNLTsZ6q7s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf155d9141c0e-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvYWRzYnlnb29nbGUuanM=.js
172.67.185.80200 OK 151 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvYWRzYnlnb29nbGUuanM=.js
IP 172.67.185.80:0
File type ASCII text, with very long lines (3642)
Size 151 kB (151174 bytes)
Hash 776d90eef602a5d943688c2388d695f0
875546356d957477e3ba539ae25bc3e9bc54baa7
9c01653b42ac153ae3091602c4e2220d21ee9d1d4956454adcfcbc1fce914ce4
GET /out-aHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvYWRzYnlnb29nbGUuanM=.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:30 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhoOfQ9I%2FkC%2FTZSy5To1DyEbKyKiwTkT6eijbOKZewJ7VnxR%2BBphI2vUx8wteQPKbnaApLQYUxE0vJY1Z5e10G%2FpUh9etvM09%2BN8zfnyF9ghgrvM9jOx0W8V%2FMFTmqEF2Po%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf154487f1c0a-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzLWhlYWRsaW5lLWxhenlsb2FkLmpz.js
172.67.185.80200 OK 1.4 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzLWhlYWRsaW5lLWxhenlsb2FkLmpz.js
IP 172.67.185.80:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash c5e50d3624fd0a055bc3b1bde11fb7c1
bd54b2840316d1c19c936170c7fc7084ed2a7589
a6239788622f3d921b0b71758153e0d3c956810d5d6e905504fcc39695dcc26c
GET /out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzLWhlYWRsaW5lLWxhenlsb2FkLmpz.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 1411
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWxwLJ06r6eXFPEDBafxSCluhvvr7lB9XtFAkcVIU2awt06brlyi8xDlZBmmyP0NuAumFu0OwQy4rufj0WTUseOCvIPE9pOTYi7%2BNn47JY7W%2FbJxOgZI7Z0IYbFL2bL%2BJbo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1572e270afa-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9jdHMyMDE4LmpzP3Y9ODU=.js
172.67.185.80200 OK 18 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9jdHMyMDE4LmpzP3Y9ODU=.js
IP 172.67.185.80:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (3036), with CRLF line terminators
Hash 8a195582c1bacc4047d3071142f66e7d
8849ea43a8e552667be62b8cec77634e8706d850
afccc4903efe5aa2da997c201376dc09bba091e03662a4e1915c6663a8cf1808
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9jdHMyMDE4LmpzP3Y9ODU=.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LK9bGBjCZ%2BRIkGScvTN%2FGIlBhCT0hLNZ91Bpi2rYbuHLeDKnthlC8XUze7gnoYF3%2BggBD6jDMEI88j9A481NVRew%2FBl11bVdxkiXxrdN%2B5V1yB7E12iV5pOP%2B4rbPwnWOoo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf155cfa70b4d-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
52.39.93.175101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.93.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 225jVRZ+CINFHAJwxZzO2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WN772/H1BYm4VuqRFHrYi+Btjq0=
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9vd2xjYXJvdXNlbDIuMy40L293bC5jYXJvdXNlbC5taW4uanM=.js
172.67.185.80200 OK 44 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9vd2xjYXJvdXNlbDIuMy40L293bC5jYXJvdXNlbC5taW4uanM=.js
IP 172.67.185.80:0
File type ASCII text, with very long lines (31997)
Hash f416f9031fef25ae25ba9756e3eb6978
e2a600e433df72b4cfde93d7880e3114917a3cbe
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9vd2xjYXJvdXNlbDIuMy40L293bC5jYXJvdXNlbC5taW4uanM=.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXWkBSj987EUKXX1f%2F0YNa9wgOXbEX2hAKR2Fc03m5FRpRYBgMQ038XCybYD%2FAYEEQx3KfJ%2BIxevGB6FNqjRG11SO%2BhgV1KAIeqh6%2BcJ%2FzbEYjUT1HMGb3xREFTjMy4QX%2FE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1552865b523-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzLXJpZ2h0VG9wNS1sYXp5bG9hZC5qcw==.js
172.67.185.80200 OK 3.0 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzLXJpZ2h0VG9wNS1sYXp5bG9hZC5qcw==.js
IP 172.67.185.80:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1f7a984b138754982eefc46789e82997
52cfbb217076768de31323b2941dd267eb0c004a
8ede817f8b83b13ed324459dc7dbd2e408b411314ee6e5483fa9815f74b42148
GET /out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1uZXdzLXJpZ2h0VG9wNS1sYXp5bG9hZC5qcw==.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 3036
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6RMUpj8kniVolKEL6CiZIvHIVctOXh3WCToeDs0njPpFnu4drjTWc5u5chLcKJzq5pAbdL2duq5wuXieQrewFO%2F56gtAi9y4H%2FH0k2QAtkDOCrPrLequEa8AM8Z3XVTzMg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1574a5e1c0e-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1yaWdodC10b3BpYy1sYXp5bG9hZC5qcw==.js
172.67.185.80200 OK 2.7 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1yaWdodC10b3BpYy1sYXp5bG9hZC5qcw==.js
IP 172.67.185.80:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7b336ccc4740bb5fad5fcab983c8a8f1
00db7f0c6f2af0aaca0d6c7ecbf1fdbc37f1eb1b
029d79a9f02da0b638465f3da9a36fa42dce10faf3c56cda949b59025081dd21
GET /out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1yaWdodC10b3BpYy1sYXp5bG9hZC5qcw==.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 2692
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvcJMvyQRACGzbG718Sg0MmGBOdsR7e3GzSPJQEV7msWauLk7dNgVUKji0ptPcLv03%2B0nZwFvpoT%2FxMrCv5i3DSNekDQ4zaaE3oPBVsWCh2vs0DMiMv7TNWyTfe3TpLviao%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf157cb8b1c0a-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9qcWNsb3VkLTEuMC40LjIuanM=.js
172.67.185.80200 OK 7.8 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9qcWNsb3VkLTEuMC40LjIuanM=.js
IP 172.67.185.80:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 655584825ba3b44275f5f3c3107f53af
5a25afd853d6a274fcd2687b9b48b0e464a7d0e7
b9a91df8ea212769d9e18a376adb1a63af8ff73a668c1de0f12330d4ddd6905f
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy9qcWNsb3VkLTEuMC40LjIuanM=.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 7822
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwdoCfocW9KRi8NMC7JBRulIhh39AEiPIbqrfmKtFaFIznTAecHZsex%2BUaaYbadno6LJt%2Bdy0iFSycIARKMvy%2F65SjzOi9cd8SH5geXjCUaKqdMs16N93cx96HSzbqajocw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf157eec70afa-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuZ29vZ2xldGFnc2VydmljZXMuY29tL3RhZy9qcy9ncHQuanM=.js
172.67.185.80200 OK 81 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuZ29vZ2xldGFnc2VydmljZXMuY29tL3RhZy9qcy9ncHQuanM=.js
IP 172.67.185.80:0
File type ASCII text, with very long lines (39302)
Hash 55ba88fca63d4278acfdf0278fe375ff
f4c65e2abafdce310c5243f8b9b3e9ce22f9b140
4b144aa5e72aa503e41b85d0efc40c628a10855636dde2c9049473e751127b81
GET /out-aHR0cHM6Ly93d3cuZ29vZ2xldGFnc2VydmljZXMuY29tL3RhZy9qcy9ncHQuanM=.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvF2S1OYWhhkTR2U2pmzQ%2F6NBPlmdjObVkJFtG0kQY8bHFoPMbYOCuUccwC3U5J6Aa0tXjsJzh8xw2oUSOXt3ilfIFXB5wcEPPdIgZ%2BohHRyfmKxdL%2BQNXLKtiksLCoaC0U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf155cb460b41-OSL
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash aa453fa335c1ca712eaae1183f75382b
426c6753dbada5282fa55201ca9d2a28d867528b
fedaf7a9607b02d27d9e24f2bc9edc7d1fc13850ba790dd963350c2d5b6c22b4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 11:56:31 GMT
Etag: "63df1d32-1d7"
Last-Modified: Tue, 07 Feb 2023 11:12:58 GMT
Server: ECS (dcb/7EC8)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JDDXz6rcSd9x4NE1sY8dwv_xMd_68Jen_WcuwBFF5m64dWGp-mv9Pg==
Age: 2613
fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1ibG9ja0tleXdvcmRzLmpz.js
172.67.185.80200 OK 1.2 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1ibG9ja0tleXdvcmRzLmpz.js
IP 172.67.185.80:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash ce1928c9fd6db7951bde1d12256d8652
129a2196c461927eb5ab1510390c009ba8c17dd4
cad65201ba29e7892f2c11f6702d84509bb329c25e8ae647c6e03b58395b16a7
GET /out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvanMvY3RzMjAxOC1ibG9ja0tleXdvcmRzLmpz.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 1214
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw2mCO%2BUG2o2061ETh8YknLH7E1v0n%2FyNBapI%2BY%2FREjdAcbeCxmEAKAhql6EoL1oXIVgk1Ih7nNguGj9uJomTsNqaLs8Z%2BbJeiGn4vifsUs0TM5gjCyBMWnu1JO7zM%2BV6Ho%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15899fc0b4d-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9jZG4uanNkZWxpdnIubmV0L25wbS92YW5pbGxhLWxhenlsb2FkQDEyLjAuMC9kaXN0L2xhenlsb2FkLm1pbi5qcw==.js
172.67.185.80200 OK 5.6 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9jZG4uanNkZWxpdnIubmV0L25wbS92YW5pbGxhLWxhenlsb2FkQDEyLjAuMC9kaXN0L2xhenlsb2FkLm1pbi5qcw==.js
IP 172.67.185.80:0
File type ASCII text, with very long lines (5543)
Hash 81a54a116c4b5f257f0c296bb023e915
23167641c90ec1587c30c71625cedaa7f5701a1e
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
GET /out-aHR0cHM6Ly9jZG4uanNkZWxpdnIubmV0L25wbS92YW5pbGxhLWxhenlsb2FkQDEyLjAuMC9kaXN0L2xhenlsb2FkLm1pbi5qcw==.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 5585
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQIdlUiODRYQQtqFxC5smPpMejchMY6YxQs2hbJ4oJkHWgTnqZokOGvYJwpHlV11e7UtU6AqF3UbzjXflF%2BxSD7KIPGyv1UI5eaS4%2FZk6H3oAjHgeIXS6n%2FBLWNY0%2BzM6Cs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf158bd97b523-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy90YmZzL3RiZnMubWluLmpz.js
172.67.185.80200 OK 1.2 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy90YmZzL3RiZnMubWluLmpz.js
IP 172.67.185.80:0
File type Unicode text, UTF-8 text, with very long lines (1169), with no line terminators
Hash 34275eb26414df8e86a4d2b04df96358
4a58bc2479e9a6585229fc25e46149afee1e22dd
5ab481660b7d11e611aa83bb1c631c0ec2d1297496ce02367c797b837f341126
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9qcy90YmZzL3RiZnMubWluLmpz.js HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 1179
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EKrL05o5kRy%2FsXwfIZL%2BuCzl5mB%2Bi5CueGAnO6rtl92wfYEAi6pj0hvHtCH711Mto7xm1xTHb28C3jkG4jSqmZOCBuVMoqflGnKej1TakwA7TnNyezkHsmc9fugoJXOe2U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf158bbc51c0e-OSL
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash aa453fa335c1ca712eaae1183f75382b
426c6753dbada5282fa55201ca9d2a28d867528b
fedaf7a9607b02d27d9e24f2bc9edc7d1fc13850ba790dd963350c2d5b6c22b4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 11:56:31 GMT
Etag: "63e06eb1-1d7"
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: v1DnOBpoEQzWOoxtq-NAkRXyxqdCL_LREzzLAzMGbXRT8QweC-_dOw==
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash aa453fa335c1ca712eaae1183f75382b
426c6753dbada5282fa55201ca9d2a28d867528b
fedaf7a9607b02d27d9e24f2bc9edc7d1fc13850ba790dd963350c2d5b6c22b4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 11:56:31 GMT
Etag: "63df1d32-1d7"
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yL3qmwF4yN_7V3fL91e9R9YSJgJMlscBkSBY8Cbyrf9XA6aioVLGWg==
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash aa453fa335c1ca712eaae1183f75382b
426c6753dbada5282fa55201ca9d2a28d867528b
fedaf7a9607b02d27d9e24f2bc9edc7d1fc13850ba790dd963350c2d5b6c22b4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140992
Date: Tue, 07 Feb 2023 11:56:31 GMT
Etag: "63e1c02f-1d7"
Expires: Thu, 09 Feb 2023 03:06:23 GMT
Last-Modified: Tue, 07 Feb 2023 03:06:23 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BAO2OfOK8xzVsI0-FFrNha9uJCJV43fFXACeV9_3iBC0z1OyoTQuaA==
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash aa453fa335c1ca712eaae1183f75382b
426c6753dbada5282fa55201ca9d2a28d867528b
fedaf7a9607b02d27d9e24f2bc9edc7d1fc13850ba790dd963350c2d5b6c22b4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140992
Date: Tue, 07 Feb 2023 11:56:31 GMT
Etag: "63e1c02f-1d7"
Expires: Thu, 09 Feb 2023 03:06:23 GMT
Last-Modified: Tue, 07 Feb 2023 03:06:23 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZrNOuCEIJbXdo4sLREVIJNUe1StQu-_O-3-bOo5J50dY8sdH9uj-_w==
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9jdHMtbG9nby5wbmc=.png
172.67.185.80200 OK 8.2 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9jdHMtbG9nby5wbmc=.png
IP 172.67.185.80:0
File type PNG image data, 80 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 26090ec3aa6f16e16c74c641839312a7
67e5ac65c5b820a1fd9ebea26924caeaf7446b5f
753489f4b299bda9880006005aa8ec0d2de78750639596e17e493e4e3e6e6b8d
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9jdHMtbG9nby5wbmc=.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:31 GMT
Content-Length: 8161
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:31 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSPD4uY3WQR%2B9jyTgbNSLIGIAOcEeMd6KwFGNNuyAgagzd%2BwEsSfv0BDqUImYsPkqeGaw0y7I23DkzZJXfz%2BG87l0k2cvH6ttCdzXsvIUWU7uaZom%2FgtMCsWV1aBuYjwKoo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15b2a5f0afa-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9jYWxsLWFuc3dlci5wbmc=.png
172.67.185.80200 OK 480 B URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9jYWxsLWFuc3dlci5wbmc=.png
IP 172.67.185.80:0
File type PNG image data, 22 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 56e083468657114ddd4233d77852dd1e
61200858e522f148d9b3f7eb4f3638558b071477
d1fb57dfadfa1b69ad1e2b2c4fbe23636e37d1f335167a1b75fc8270d2237c2e
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9jYWxsLWFuc3dlci5wbmc=.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 480
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHRLmp0vu7SkLy8rz0w%2BpZPtl3TFTY7IGP5N7KCJbEpdSbmvB32Fx8cLnfcP9rxA78IFqfHIwBxAuZvcaMfYXFR02pF%2BPt90YNQyG9nqK%2B7OvX4slXksW%2BeEdRqbjz%2BtOG0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15b29040b41-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mYi1zaG93LnBuZw==.png
172.67.185.80200 OK 1.4 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mYi1zaG93LnBuZw==.png
IP 172.67.185.80:0
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash d5186a235b6eee5485f07e07ae4fd857
59032c3c9aed957a4365c89cf27285b4e6d18242
9c81d88ec59393908a8997dca7efd32a8d2dc0125f96260ab1f01f8cd51aed7c
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mYi1zaG93LnBuZw==.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 1397
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQAG6H8iY%2FERH2Hu%2B5m18V%2BtpMjDe6HtKYkYTJApXOOAo8hc9Hl%2B0fHfwIgRNHyoZJ6OWcj1EBCYwXgU9kyneX3i6i90WnXWemdGSL9ONvOL4jkG%2F8oS4DvulwbaggL7iqw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15b2f011c0a-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9uZXdzLXByZXYtYXJyb3cucG5n.png
172.67.185.80200 OK 567 B URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9uZXdzLXByZXYtYXJyb3cucG5n.png
IP 172.67.185.80:0
File type PNG image data, 20 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 04f21e4fff2914a55c6188b0925f4f5c
52c5fa01a46b83eadad80e153aefdb42f18c91b0
b4efb8cc38a471a070e8902aabc8e339710ad6db34c5c31e1939d5584543105c
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9uZXdzLXByZXYtYXJyb3cucG5n.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 567
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfUML8yrczMMdP2qw2ST3B88yWjh9d%2FA9UB9aAm7aorJuNw51itEvQKqEVzc5obY5CJYpkV5ub4hnqB1NqmfK1hjEOMn3U7%2Bq7huDVvXILK9FeULUeyN1OJBlMWjKE3tjj4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15b28dbb523-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9wbGFjZWhvbGRlci5wbmc=.png
172.67.185.80200 OK 559 B URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9wbGFjZWhvbGRlci5wbmc=.png
IP 172.67.185.80:0
File type PNG image data, 19 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 9164df0912a7bd45681a8ecd35b1a11e
bf72634688a869eb65ec3a76eaf306195d017271
13b3ec8c5c912e36a53d2102f5f1242bd4938a857c431fe702a9ab8037b9b1f8
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9wbGFjZWhvbGRlci5wbmc=.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 559
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uA0IVz7%2FkGFPweFCg5MRb2kzId8tO3U2QojkV23Ieke%2BMsB%2BGkaB1qdr4us720zAu2LVODomziBhos6EiDHjRJqhSl8tM4%2FRTZMbUqCx5nzMoUaVnvxFl8DRqzeIePnVU8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15b2c4b0b4d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 11:56:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 11:56:32 GMT
Connection: keep-alive
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9saW5lLWljb24ucG5n.png
172.67.185.80200 OK 1.8 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9saW5lLWljb24ucG5n.png
IP 172.67.185.80:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash e8e54e57081cec28e94610d10c59bb7f
7646ff5857cff3d0385916fc84797676e7144d50
140682dfd05c986b0213ca05ee08f2e460484df229c31088558b84c14d2fac3f
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9saW5lLWljb24ucG5n.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 1800
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhkfSORBqMBQHYPH%2FK1%2BFXxE232tIJoGe0lBvjPhJW7WVnDKx6aNdBe%2BuOjZnPL%2Bb0IGrDiPrHnO06YE82%2Fnew%2FMcMMdBwvMeFFsLylEQXGNvSC8qz%2FqldZELAtxF%2B3nMvo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15b2e361c0e-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 15065
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4dd67c975f1c1f91ca92f37c9e098231
b9096efb56b6e196b13722e767a9d2762737cbb9
39f21e5db4089d6cf94646b76cd9032e9831ed03f7c2f0d980fac09c893a52db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8110
x-amzn-requestid: fdfa4af0-a6e4-4664-a86b-48fd6f374d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77JCFyzoAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17239-205cdd9d70f23cb358c65222;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: haWel3aE2NwfrpYKJbsqnbYuIjdvneK8WP_2_wbjRcV0ZQ4qYJLGzg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:15:10 GMT
age: 49282
etag: "b9096efb56b6e196b13722e767a9d2762737cbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 11:56:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 50473
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d29e7077f69b88a0108efeb7a2efe7e9
1958f83edeb8c6b68f17cead3fb5714f44e619eb
371f02a5b36ac3e52cc6c4e78f0980107a0f92105e79ee53278089ae5ff6de93
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10788
x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyymWEsSoAMFykg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nb86Kj6pqD3DFzCeTNtTGNXsNfHLvu4kgYq6qmhu2Ygya462lBl0lg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 05:13:55 GMT
age: 24157
etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Tue, 07 Feb 2023 13:19:44 GMT
Date: Tue, 07 Feb 2023 11:56:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: e7653b49-3160-42e3-8292-8ae32604f775
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc8KEoPoAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb4-68fd76a95ffa656318bedff6;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KaitXsesZ9mJducJ54ChzQGfb-2-hEN4W_QojGMKXYEji4xsjNdWCA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 09:07:41 GMT
age: 10131
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d057038cd3164c40413a88f9b5c2af92
afbcb6617c7277ea42068c2aa1c8dcba02549873
ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6787
x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvyxSEjXIAMFT3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AOnXbzTBcVZ3quJx3NoNQC08Gk5_phyp8UiWCm6Dk4GPxl8FCaIC4w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 16:55:00 GMT
age: 68492
etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cts.com.tw/js/tbfs/images/share_t_icon.png
54.230.111.9200 OK 560 B URL HTTP/2 www.cts.com.tw/js/tbfs/images/share_t_icon.png
IP 54.230.111.9:0
File type PNG image data, 35 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f79e1e3f70a4fb5184ca255a952d349
0125a1620213651adcdcf985d3af41802f436ecb
f78f944691cf540ca4a1930e9af957aeaff4406ba4a9d69423cc49e1478c7703
GET /js/tbfs/images/share_t_icon.png HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 560
date: Tue, 07 Feb 2023 11:56:32 GMT
accept-ranges: bytes
etag: "3597462095"
last-modified: Wed, 06 May 2020 02:55:03 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OA-m3kwF1k9-9wa5NcN944bC8az8510fisFrkZvlxVGein9KqF8QAQ==
X-Firefox-Spdy: h2
www.cts.com.tw/js/tbfs/images/link_t_icon.png
54.230.111.9200 OK 492 B URL HTTP/2 www.cts.com.tw/js/tbfs/images/link_t_icon.png
IP 54.230.111.9:0
File type PNG image data, 73 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash a767acb87b83499cf16c04629bfa57cd
dd92392aee4de62a9fb7ce6089520999593e2777
380e1b4349d0dd5b616b9ce2b79fa8db23765f07993b73337d8243bd98b4ce0e
GET /js/tbfs/images/link_t_icon.png HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 492
date: Tue, 07 Feb 2023 11:56:32 GMT
accept-ranges: bytes
etag: "661555788"
last-modified: Wed, 06 May 2020 02:55:02 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g7CL32WXfbSvBTiJogdJ5mSAmF0GfG6o5hRuPtefIs26HGV5burI9g==
X-Firefox-Spdy: h2
www.cts.com.tw/js/tbfs/images/fb_t_icon.png
54.230.111.9200 OK 963 B URL HTTP/2 www.cts.com.tw/js/tbfs/images/fb_t_icon.png
IP 54.230.111.9:0
File type PNG image data, 73 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c90ae8c04951bb660912822ebaec538
debc58a70675fb2a093b19cec0dc3337c6b0795f
eb7a21d9a4288a8258d54a0ef7ab890b553ad2f75c5b248779a719e4908a5950
GET /js/tbfs/images/fb_t_icon.png HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 963
date: Tue, 07 Feb 2023 11:56:32 GMT
accept-ranges: bytes
etag: "3622668880"
last-modified: Wed, 06 May 2020 02:55:04 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5MCr2_mV-n4cVoOSjXQv1onTfMDMDQE-7xIaM1Gr1r4pGh6HjCAH0A==
X-Firefox-Spdy: h2
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvZmFjZWJvb2twYWdlLmpwZw==.jpg
172.67.185.80200 OK 8.6 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvZmFjZWJvb2twYWdlLmpwZw==.jpg
IP 172.67.185.80:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 336x80, components 3\012- data
Hash a7b4b1f0bd7b2111d2e9f2b938bcbcaa
6d22bdea7b292e6a4d4ba3752543b3b775df4585
0f678b3bf3a44f33521dcd918732c1563bbb0395d18fd4b732646a807c986b09
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvZmFjZWJvb2twYWdlLmpwZw==.jpg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wLy95RCWqOG1dxVuit5V6DFuB%2FiJkg2a5XSoZUsKxUc4Mo%2BkgU4kF0kq9Dkhl8V6ZQ9N8D8o04VRnfB9KF97J7ajCdS%2Fr9OgsRZqRkFcWXU8qmY64efug6aD02kOjUZp9Y%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15d5e5e0b4d-OSL
alt-svc: h2=":443"; ma=60
www.cts.com.tw/js/tbfs/images/line_t_icon.png
54.230.111.9200 OK 477 B URL HTTP/2 www.cts.com.tw/js/tbfs/images/line_t_icon.png
IP 54.230.111.9:0
File type PNG image data, 73 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash f7e1c4a381e954c6e4491e373e52cfbf
77fac9d1d8338cbd8a6b4ba6af96578eac4eed00
88f0ae7cc7e0845fe03e04166d300c4cf17a90e540475559611f35478be33849
GET /js/tbfs/images/line_t_icon.png HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 477
date: Tue, 07 Feb 2023 11:56:32 GMT
accept-ranges: bytes
etag: "3320490570"
last-modified: Wed, 06 May 2020 02:55:04 GMT
expires: Tue, 07 Feb 2023 12:56:31 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Em7N4sPrDXwl4tuQ4W4QobitDPzdFXj4EsAGlE4sEpEWOZrab5ia3w==
X-Firefox-Spdy: h2
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy95b3V0dWJlLnBuZw==.png
172.67.185.80200 OK 2.3 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy95b3V0dWJlLnBuZw==.png
IP 172.67.185.80:0
File type PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash b1d5fcff66de5b9c3e8b2da0e23f51a7
25aae52cee309a4ab9b2574b61cea62e6ebd5251
64a39b5d98dbd81a0bb36c9ab8b56ab1d51c2a853749caef2ce33057b2609f90
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy95b3V0dWJlLnBuZw==.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 2330
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LB2AfrML4917ffuWy9LhzIv3ZGhYC20QRUYDh7UjpwUwl6lUVbxE%2B4nfCj7tpuIDWSpOX5XAmpkprzVj5P3tjMDiSVZOGYdv%2B8gLP4LQeDO1fBk%2BYnzkQ4TY%2Fhc0ETmTnvc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15d5b52b523-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hcHAtaWNvbi5wbmc=.png
172.67.185.80200 OK 3.2 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hcHAtaWNvbi5wbmc=.png
IP 172.67.185.80:0
File type PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash fad509ed66dec83b9328499b247e0e09
cc30504d8721391099016021222afaca001aa534
48af783d9fdb5a607a1eebb390a9994ab35e857426f58886ca6f86802ab727dc
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hcHAtaWNvbi5wbmc=.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 3207
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kroyU9cGl%2FyL2vZQsemaz6egjmoPitpqyq9fsft3NTk%2FQ%2Fo1aPjfwBovVndppmKTaKjb82y8Gf9lRI2SuBo9ysccDAqZ1G%2FVGSmxLFHqu6vfbgaBkz41PvBqRGBNM6CUawU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15d78a81c0e-OSL
alt-svc: h2=":443"; ma=60
www.cts.com.tw/js/tbfs/images/messenger_t_icon.png
54.230.111.9200 OK 1.4 kB URL HTTP/2 www.cts.com.tw/js/tbfs/images/messenger_t_icon.png
IP 54.230.111.9:0
File type PNG image data, 73 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b514f81343d645765c6b28c65e7932b
6f3a8c7684d466944cab95ed3eb62360d4e2125b
5869ef0d6be848b8b92169a65e72b5aa1c82ad51ec10196997efff340be66a2b
GET /js/tbfs/images/messenger_t_icon.png HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1381
date: Tue, 07 Feb 2023 11:56:32 GMT
accept-ranges: bytes
etag: "2347096480"
last-modified: Wed, 06 May 2020 02:55:03 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zdp9ardpFzZREKTwpA-YX-cpoHF0O6UHyl-Dv_9W4WDNWARbv-GdKg==
X-Firefox-Spdy: h2
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9uZXdzLW5leHQtYXJyb3cucG5n.png
172.67.185.80200 OK 618 B URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9uZXdzLW5leHQtYXJyb3cucG5n.png
IP 172.67.185.80:0
File type PNG image data, 20 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash d203162874fc83f94a8e7cf52381f704
17978f97321ad0d9e1568624e97724e9e9ff9366
dcb99db552b3355f091ae90bcb26a4a3ce709dc5c026faa5724c79375c015ce0
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9uZXdzLW5leHQtYXJyb3cucG5n.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 618
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AdZPp%2FWZlwUmoGjTXsFUipNBObbRLHohHHg0doa2GiMBry8hHLExJZtWld8RO94aY5bRtYtYl2zWP2h4FR68iX9Axdr25omPXCM0g2XFlp4uPX%2B2kei1RCD%2FiYiOwGrjXw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15ecfc90b4d-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy90YWctaWNvbi5wbmc=.png
172.67.185.80200 OK 362 B URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy90YWctaWNvbi5wbmc=.png
IP 172.67.185.80:0
File type PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 6eaed9c867e9b2407e719e7236082d5a
6a9bd84e96e2d92f22f8a4fc6277fb1ccbc92ed5
9b4d998c86712c294e875b61a467f62ae09ee8fa722cdb0c77d03ee73711ace3
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy90YWctaWNvbi5wbmc=.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 362
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXrjQtCIp%2BHHUhttqtBlpIIBmj1jbJt5yQoMMQgGwB82rsgajLnHcz7%2B2VGTMSE15KR6xclN8BHduuzQ0OmGW6z%2BoQEq8qc66Csdxt95jsMjz6VqfxpVjWiaOoOOHD1FWlQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15edd2bb523-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9uZXdzL3Bob3RvL2N0cy8yMDIyMDkvMjAyMjA5MjMtOTExNjcyLmpwZw==.jpg
172.67.185.80200 OK 450 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9uZXdzL3Bob3RvL2N0cy8yMDIyMDkvMjAyMjA5MjMtOTExNjcyLmpwZw==.jpg
IP 172.67.185.80:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 92x92, segment length 16, baseline, precision 8, 768x1024, components 3\012- data
Size 450 kB (449476 bytes)
Hash b5489aff6694d80e7e3ff244d1d2a166
908220c5912065429e7e54760787752456297f71
66b86e95f61a93501481aa105b494a25ef744c39e9d1f0f157a77daf8629dd4a
GET /out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9uZXdzL3Bob3RvL2N0cy8yMDIyMDkvMjAyMjA5MjMtOTExNjcyLmpwZw==.jpg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqB3br02Sx6G2PiQzB5CKjb5vJ0TP6SnqCyCoso6HeM8JigaCzRaM9vD8Yo7guHGZk2NyA59OTRbaBuT7uqQmm3AGqO1BCBdypWb1fdML2ZWXomWDwTqRHbZ3slfCtuFxB4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15beafb0afa-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9saW5lLXNlYXJjaC1iYXIucG5n.png
172.67.185.80200 OK 1.6 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9saW5lLXNlYXJjaC1iYXIucG5n.png
IP 172.67.185.80:0
File type PNG image data, 105 x 21, 8-bit/color RGBA, non-interlaced\012- data
Hash e25acc1ecee387539907575818e4ed1e
5173b383bf067fee21edba01d93ff3092eb36a55
9174607e2a27fcfd73f1c09188ceb932edefb1ff5b2b4f632885f107398b576e
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9saW5lLXNlYXJjaC1iYXIucG5n.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 1559
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBSlsEPmmG9wiQLfbqF55Z20pxIpf99Sx%2BXhLmqYhJqbUXjmsZ1qtTeXHhKxXgthpQl1k11oxvDvMPvFmik1X79XaKH8DfjV4o9JrpWUqVu%2F8zOansDy9jZKPTK8LtxLq00%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf16029190b4d-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvcGhvdG8vY3RzLzIwMjIwOS8yMDIyMDkyMzIwOTI5MzNfbC5qcGc=.jpg
172.67.185.80200 OK 302 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvcGhvdG8vY3RzLzIwMjIwOS8yMDIyMDkyMzIwOTI5MzNfbC5qcGc=.jpg
IP 172.67.185.80:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 92x92, segment length 16, baseline, precision 8, 650x488, components 3\012- data
Size 302 kB (301898 bytes)
Hash 32a147e35aeea8709fb82edd9a002cf0
1fa0ed03a84ac2f3170825b7b0fdc20097dcf341
8d80ff6f2bef461245c405a04f22fbed3da15d5a03cc285524b28709027ae52a
GET /out-aHR0cHM6Ly9uZXdzLmN0cy5jb20udHcvcGhvdG8vY3RzLzIwMjIwOS8yMDIyMDkyMzIwOTI5MzNfbC5qcGc=.jpg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh3LY28%2BbbgyFnuL5tutuEPT5yBfNzfXcn9UFyeQ3DByb%2F2kyIGWZBaAqV5k7ODSuNK9xvvq91MBPkjGIBNe3X8Se%2BJ9za%2FYWZaxBU9UByGuuBZdxmJfsOj05%2FXcBh%2F8FXw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15d590f1c0a-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hcHBsZS1pY29uLnBuZw==.png
172.67.185.80200 OK 281 B URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hcHBsZS1pY29uLnBuZw==.png
IP 172.67.185.80:0
File type PNG image data, 11 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e1b36a7ba143b94cc8bf8741f34672e
e2a05dec0ff8d1875c914aa12b3a4fc3fc153c6a
49b40d9862e97dc68a1b17b34d6c0dc286449d1862f488108f26e2f27d88f53f
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hcHBsZS1pY29uLnBuZw==.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Content-Length: 281
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynw8xtI54%2F6gKJNzJUdf8v1B1VLW60YpkN7nHm61mZz68vQ219ElduME9fl3QpHE1ifaCUQSaQ1tcKy5oYl8pg361W2GKtck0fhEGwAv6umor9NhLEg6MN0IDee9Wm4qGjQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1603f04b523-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9uZXdzL3Bob3RvL2N0cy8yMDIyMDkvMjAyMjA5MjMtOTExNjcxLmpwZw==.jpg
172.67.185.80200 OK 496 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9uZXdzL3Bob3RvL2N0cy8yMDIyMDkvMjAyMjA5MjMtOTExNjcxLmpwZw==.jpg
IP 172.67.185.80:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 92x92, segment length 16, baseline, precision 8, 768x1024, components 3\012- data
Size 496 kB (495478 bytes)
Hash 3df3bad3364126163d38932b40cb3377
909a2eeccc43731f5e7aeaed262b482dba60e2e3
054d67d4e54f7e6fbd182380e538fc28c9e35705d4abf9c05a0f70c5c8ad075e
GET /out-aHR0cHM6Ly9zdGF0aWMuY3RzLmNvbS50dy9uZXdzL3Bob3RvL2N0cy8yMDIyMDkvMjAyMjA5MjMtOTExNjcxLmpwZw==.jpg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD7bno1%2FJ2Q7k9uNf7BCSaGrHXu%2FIVB1yztk8LGgoTmBVfRjR7gF9FjkCiXjWi2NUFjnQeIMNDoq27TEq%2B6XrEunxpL8R0loiMtATNz6TJpy%2BffqFPQ%2FYXSqHLtoC%2BKK91E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15d4b4c0b41-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hbmRyb2lkLWljb24ucG5n.png
172.67.185.80200 OK 954 B URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hbmRyb2lkLWljb24ucG5n.png
IP 172.67.185.80:0
File type PNG image data, 16 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash dd25236de23ff98b8af5dec3d89b28f0
a4325bec223cce851466024f48f8ad4157589233
d8d212cfbd2d04d926ca6e473fa09835e09243ae53c041b3adf15467472f28b0
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9hbmRyb2lkLWljb24ucG5n.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 954
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:33 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4%2BKU5dj%2B5vNg2mB4ihpgQPyVc5NY7vp3NNbwXEJ5w8LDRXx7aAZfBY%2BIXjB7O5X0Zyz7%2BcNVm2I6pvVTvoqT5qGQoYE642JD6CBagBeOaG0rOgZeJvCzvtB9ppTO15nbj8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf160e9990b4d-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1pb3MuanBn.jpg
172.67.185.80200 OK 5.1 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1pb3MuanBn.jpg
IP 172.67.185.80:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 72x71, components 3\012- data
Hash c239890b3974c1d7cb8fc07dc703172a
220c9f05f43ac76c8187b543500b4e573de6e8aa
ab6ec2b6602c54ae59bfc87ea0d0c43f4367c3dc01135c62dcf577a41f0010da
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1pb3MuanBn.jpg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 5076
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:33 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3Q2gUt3GfW21tGlLav9KRokhUl26R%2FDEhqf4RVn0jsBJ3AVefs98wDySSM6jMn5to08gG75%2BGWjnV7dd6aW8gAKNjlUE4m9Nf1q09%2BIvcjuVKuouzZ24q%2FKWxAv9bTPMn4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf160d8160afa-OSL
alt-svc: h2=":443"; ma=60
www.cts.com.tw/css/tooltip.min.css
54.230.111.9301 Moved Permanently 167 B URL HTTP/1.1 www.cts.com.tw/css/tooltip.min.css
IP 54.230.111.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /css/tooltip.min.css HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.cts.com.tw/css/tooltip.min.css
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tNNETNyRDaMwz0kar1RpOuqonntTK2a_es4vNZdeHh_RpjVgemhdiA==
www.cts.com.tw/js/mobile-detect.min.js
54.230.111.9301 Moved Permanently 167 B URL HTTP/1.1 www.cts.com.tw/js/mobile-detect.min.js
IP 54.230.111.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /js/mobile-detect.min.js HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.cts.com.tw/js/mobile-detect.min.js
X-Cache: Redirect from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AER8sBQihlSpWPSzrRiBFTZYnsgJBAjJ4EZJguJfHjvb_q3DJLjviQ==
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mb290ZXItY3RzLnN2Zw==.svg
172.67.185.80200 OK 102 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mb290ZXItY3RzLnN2Zw==.svg
IP 172.67.185.80:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size 102 kB (102212 bytes)
Hash 17e0fd41c658a853b07f38e83649b9cd
192355a724f85913ec25354ea3d75ae8043bc50d
57272e99b2cc510402570265456c609aac172ed091040a17c5066b7b02d0827f
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mb290ZXItY3RzLnN2Zw==.svg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:32 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLQrfH8wevZ6CgJXazB0eyWmeLAen%2FT73H2Wdy%2BOlR7knBCw1%2FYRgbRprqXJGsMXPDogZxbACwgcIVADNt6j8LT6UXAeIsi3uHf6ytCbKSiQVP2RC4FIVklP8Ce0bzV7LyU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf15eea211c0e-OSL
alt-svc: h2=":443"; ma=60
www.youtube.com/embed/J-0eSrOlMCw
216.58.207.206301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/J-0eSrOlMCw
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/J-0eSrOlMCw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 07 Feb 2023 11:56:33 GMT
Location: https://www.youtube.com/embed/J-0eSrOlMCw
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cts.com.tw/images/2018cts/gotop.svg
54.230.111.9200 OK 515 B URL HTTP/2 www.cts.com.tw/images/2018cts/gotop.svg
IP 54.230.111.9:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (511), with no line terminators
Hash de37d044fc31d1d5328d6bfe53f968cd
809322a31f67a6e68aa1a737f4599142858b9bad
95742709c908552c99dbfbd17c46a6425f5aac3421614997cc892c4aa44e11a7
GET /images/2018cts/gotop.svg HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cts.com.tw/css/cts2018.css?v=85
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 515
accept-ranges: bytes
last-modified: Mon, 10 Sep 2018 03:14:28 GMT
expires: Wed, 01 Feb 2023 03:27:14 GMT
cache-control: max-age=604800
server: lighttpd/1.4.53
date: Wed, 01 Feb 2023 03:59:26 GMT
etag: "2228879064"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pz__Egp6TrZWM-PEwqgu4pQO55fI_7ijGc2Qv3JSRsnCnqLT2wmeEA==
age: 547027
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WQPSJ8M
142.250.74.168200 OK 56 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WQPSJ8M
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (42025)
Hash b2c4b38b4b95bbb8b1e33c6401e13161
b3eec0f6c493adcba77c622e6ea05a0c4dff7302
dbbbb19e79d114455b5bd8be3e71063c81d1950a1b6e94b6d31cecc849c008da
GET /gtm.js?id=GTM-WQPSJ8M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 11:56:33 GMT
expires: Tue, 07 Feb 2023 11:56:33 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.dable.io/dist/plugin.min.js
104.110.26.183200 OK 36 kB URL HTTP/1.1 static.dable.io/dist/plugin.min.js
IP 104.110.26.183:0
File type C source, Unicode text, UTF-8 text, with very long lines (32022)
Hash e187b9a28e435a61294ad575ae5e90f4
13abb2acc46dc8eb1ecb6f899c2649558f836c8a
5a54d16c90a7a9700ee880892d1de6806e57feb3839fdc42c2ecd1d58af6403c
GET /dist/plugin.min.js HTTP/1.1
Host: static.dable.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
ETag: "07449808dfe64e4b194527a499c400bf"
Last-Modified: Mon, 06 Feb 2023 23:19:17 GMT
Server: nginx/1.20.0
x-amz-id-2: VdExGB2kYVxr+DJNYuupn7gnv5B4OK6AditLEOZTXt+L3I+VLfhYfWIXac0u8b64WlsQ01zQ5B8=
x-amz-request-id: WTT178J04ZF4C50X
x-amz-server-side-encryption: AES256
x-amz-version-id: gWsCKlrrd0GQ5lpcTKm3HQIDCzIfBfv5
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=74927
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 35475
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fziccordim.cyou
142.250.74.34200 OK 41 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fziccordim.cyou
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a96b8ae5f123cdc6c1bde734fba87ba9
527ba5a8792ee3867405156fcb10b8f2e1ec60ba
7e4f431b790ecf945c23d856ae83abdaa62b625046aa31985b75559c9f0af0d8
GET /pagead/ppub_config?ippd=fziccordim.cyou HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fziccordim.cyou
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Tue, 07 Feb 2023 11:56:33 GMT
expires: Tue, 07 Feb 2023 11:56:33 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 41
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Feb-2023 12:11:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230202/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 07 Feb 2023 04:05:08 GMT
expires: Tue, 21 Feb 2023 04:05:08 GMT
cache-control: public, max-age=1209600
age: 28285
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/f565d246/www-player.css
216.58.207.206200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/f565d246/www-player.css
IP 216.58.207.206:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d151de1362089babd56939620e1e604b
19c9379cfcb638a4348c7963e88de6a557d719a4
a2eb45f1747ae71fe091a39e45f781783b6efb3b1c5c1544fb51cab965a26fe6
GET /s/player/f565d246/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/J-0eSrOlMCw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49987
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 15:53:47 GMT
expires: Tue, 06 Feb 2024 15:53:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
content-type: text/css
age: 72166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1hbmRyb2lkLmpwZw==.jpg
172.67.185.80200 OK 5.6 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1hbmRyb2lkLmpwZw==.jpg
IP 172.67.185.80:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 72x71, components 3\012- data
Hash 851c3527bcdfb1ae2e2a98fbee9baad0
252c6b2e1dd13b8161f569c9e1569a12a3f360d8
18a466e658119b4794ae9ef209b726c2087f798b159430f2d863be63e22418be
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1hbmRyb2lkLmpwZw==.jpg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 5570
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:33 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye71oWhMwTu%2FHPM6RgaKv4aCCOXPO0VvboBIiUHZUE%2BMpluILpSAssc4jsHmRzxtiVRXNCguZr6EhbFRAdpJdtBG9%2FevU3Qh6HIRR7L%2Flg9wnJNDjdOxaRYAEFkyP5WH6Jw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf161ac921c0a-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mdC1saW5lLnBuZw==.png
172.67.185.80200 OK 2.0 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mdC1saW5lLnBuZw==.png
IP 172.67.185.80:0
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d2dd4f997b2ca428822a7e104640c22
a0de33b5244a4449dd83cc16f7f09e6cd886f586
d6b23daa759fda251069ed9c8b7fd10947720b9044553c4c60f3604bb7a0b2dd
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mdC1saW5lLnBuZw==.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 2044
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:33 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=km%2BsSwJlZHl1ezMElXZvuImSt5LudIiXn%2BiiO%2F9P%2BCEZ%2Bdzce0mBYNdHDaSeB445tu3TLF0qBZrwpL0MtArBKazxazAEejbi47ATF7qjhhfkdTRgvajKQwpZNpAzgWDDU2I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf161a8e6b523-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mYi1uZXdzLnBuZw==.png
172.67.185.80200 OK 1.4 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mYi1uZXdzLnBuZw==.png
IP 172.67.185.80:0
File type PNG image data, 55 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash c53a3bb635c9a7bdea58ae75369afb40
a0572bb2ea861c2eaa9c113c5eeb5d8f1e9a7c01
1e056725988db84755678e20ee8fd9086bf0fbd08f269ec132c4966b0b8bca3c
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9mYi1uZXdzLnBuZw==.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 1350
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:33 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdSqEdphezQrBZmTN4nx%2F661FmqO3csiJU1gXFpWy48WTFDxpUnnAJPW3tF5vSzKtWSLGWLiC6jLXvM%2BTp%2BPuUIij%2FeUIDXRHfXGPvW5r%2Bco4W%2BAUo5brnpGDtnEtqkymzA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf16259de0afa-OSL
alt-svc: h2=":443"; ma=60
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1saW5lLnBuZw==.png
172.67.185.80200 OK 5.7 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1saW5lLnBuZw==.png
IP 172.67.185.80:0
File type PNG image data, 77 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash a52f312f70ac92c47e9f1f09deacddea
c3f995a3f596fdf2ad7480fae7161684e97190c1
a60a6344c5c8c955ae1ce70920f42d2b7788dc8b7ed337b7b32fb3ad6151916e
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvMjAxOGN0cy9xci1saW5lLnBuZw==.png HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 5684
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:33 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JMSoXVywEqPmn%2Fce5MCdT3XOFQ6FsUgb6PweDx1D5GlXQ1dtKrkO2FKa%2FlUTlrwSwlCwgkrrbrbtvoLSDIPbxDZIQy2IdW3BVGIZxBnhC56qzNG%2FP5ozJMcfJd1sAR9ifQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf162180d0b41-OSL
alt-svc: h2=":443"; ma=60
www.cts.com.tw/js/owlcarousel2.3.4/assets/owl.theme.default.min.css
54.230.111.9200 OK 958 B URL HTTP/2 www.cts.com.tw/js/owlcarousel2.3.4/assets/owl.theme.default.min.css
IP 54.230.111.9:0
Hash a7b6c2f8a412afcc50110ccb01bdd147
6be6f51f8af127b9a36fc9ed9d54495027959a29
df0f648b977a204479326a01a9251785fcffb450503bf129e99959f807143799
GET /js/owlcarousel2.3.4/assets/owl.theme.default.min.css HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Tue, 07 Feb 2023 11:56:32 GMT
etag: W/"3203745224"
last-modified: Wed, 05 Sep 2018 10:41:05 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TfW6aOeI0Ys7fwo5s8WmNMkG3YUeNAhsMPXx7yVHO01VG8a7sUD1Ag==
X-Firefox-Spdy: h2
www.youtube.com/embed/J-0eSrOlMCw
216.58.207.206200 OK 139 kB URL HTTP/2 www.youtube.com/embed/J-0eSrOlMCw
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58338)
Size 139 kB (138938 bytes)
Hash 162ca1dd31f22e66a166f4e2106a0276
eb2d32130a1ee131079b9071cf0d3dcea1a746e1
4f904e68ed3b2f38aadaf3b0661644016e1b758d249721b887106cc6d7feecda
GET /embed/J-0eSrOlMCw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Feb 2023 11:56:33 GMT
strict-transport-security: max-age=31536000
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'nonce-D0ZudD-NotIip_wFPu_rqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=SsZlqt5DYHE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnpNNE1UWXhNVGM0T1RrM05qYzNNdz09EPH4iJ8GGPH4iJ8G; Domain=.youtube.com; Expires=Sun, 06-Aug-2023 11:56:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=-UNZBkjDcqY; Domain=.youtube.com; Expires=Sun, 06-Aug-2023 11:56:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+489; expires=Thu, 06-Feb-2025 11:56:33 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/f565d246/player_ias.vflset/en_US/base.js
216.58.207.206200 OK 615 kB URL HTTP/2 www.youtube.com/s/player/f565d246/player_ias.vflset/en_US/base.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (517)
Size 615 kB (615275 bytes)
Hash e25f8b42beea853094ebebce4c58aaa8
f3231e22d6f51128302dd758b2fa30e21bceb059
0c30c2758d9c9b237ec96c1e4985788e5906be55d31b7d5d6b8a5ec0e737aec5
GET /s/player/f565d246/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/J-0eSrOlMCw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 615275
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 16:00:33 GMT
expires: Tue, 06 Feb 2024 16:00:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Feb 2023 01:13:34 GMT
content-type: text/javascript
age: 71760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.cts.com.tw/js/owlcarousel2.3.4/assets/owl.carousel.min.css
54.230.111.9200 OK 3.9 kB URL HTTP/2 www.cts.com.tw/js/owlcarousel2.3.4/assets/owl.carousel.min.css
IP 54.230.111.9:0
Hash ac721deda168b218497919ae40caa9f9
b311294020f0a78bcccf31ef9537b7a8c9137c0d
83d53d8c60d8b51e692925df13501b7f8dd2b8f77dc477ac63821d49be31f23f
GET /js/owlcarousel2.3.4/assets/owl.carousel.min.css HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Tue, 07 Feb 2023 11:56:32 GMT
etag: W/"4292691278"
last-modified: Wed, 05 Sep 2018 10:41:05 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tFKcH5DWzlBeYedbGlgdr4ZEb4o2W9KNGMRcM4dcU1QrA3bvYTvtww==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cts.com.tw/css/cts2018.css?v=85
54.230.111.9200 OK 21 kB URL HTTP/2 www.cts.com.tw/css/cts2018.css?v=85
IP 54.230.111.9:0
Hash 94c6b83f7d5f5f02e253e81343a37680
7d9618aa6a70c73f162e47b654148588546b50db
bd1a90b385a2c431c8afa6f622fa4c258bff22e585918d0e79e153e58c22cd49
GET /css/cts2018.css?v=85 HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Tue, 07 Feb 2023 11:56:32 GMT
etag: W/"3928540678"
last-modified: Fri, 04 Nov 2022 04:43:03 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: espq293NgQ08NkF912hFd96HBetepkj46VeuwZX8An_vHMW27EfUOA==
X-Firefox-Spdy: h2
news.cts.com.tw/css/cts2018-news.css?v=84
54.230.111.9200 OK 25 kB URL HTTP/2 news.cts.com.tw/css/cts2018-news.css?v=84
IP 54.230.111.9:0
Hash 7ce3c6e8baf77d292bd07b522aca8cf9
29642e4593faecce9b5571587b83e18bdc95f21c
2bd4a1c923331c6f9add50c3799806e6941cc1926dee4f52f17c092c130309ef
GET /css/cts2018-news.css?v=84 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Tue, 07 Feb 2023 11:56:32 GMT
etag: W/"1126355756"
last-modified: Tue, 06 Dec 2022 09:55:24 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vGDcEExgVWUyIhCkHx79LY_O0MdlkPK6TPdFiokoRRY2vPAWA0JqXw==
X-Firefox-Spdy: h2
fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvYWRkTGluZUN0cy5zdmc=.svg
172.67.185.80200 OK 7.2 kB URL HTTP/1.1 fziccordim.cyou/out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvYWRkTGluZUN0cy5zdmc=.svg
IP 172.67.185.80:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 4de2805e5f6524576aba927f14bff2c6
62752a01a7fe04e0f9a17c248dbf51de55ac8ba6
d17765917f5768417e1dc38d22db0b78e838d05b6f5c130f981593f1017b487c
GET /out-aHR0cHM6Ly93d3cuY3RzLmNvbS50dy9pbWFnZXMvYWRkTGluZUN0cy5zdmc=.svg HTTP/1.1
Host: fziccordim.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Length: 7215
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Tue, 07 Feb 2023 11:56:33 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT7ftBBqTpLeyiirepRpXAl5JZ0uK8c4050QcenDWY84YiOlJ0xq498b2Hf2JRyzZ45yDImhuekejnHNtVIs2njjgjFEQd9RHw%2FLJ1XCBj3TfS%2FxbBzj6zZbrxN7hskzjVU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795bf1624aa60b4d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.cts.com.tw/news/images/new_icon2.gif
54.230.111.38200 OK 1.4 kB URL HTTP/2 static.cts.com.tw/news/images/new_icon2.gif
IP 54.230.111.38:0
File type GIF image data, version 89a, 39 x 23\012- data
Hash 01b8f25462169ce676dd6aa2c04eb0cc
de20c85364e2f314b257ff4fdbeea4f94b2844c8
2c4b71d0d566dfc4c7f609dbc116a6a09bc87fb606ddbf8e98a3ea6fde7f8643
GET /news/images/new_icon2.gif HTTP/1.1
Host: static.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 1431
date: Tue, 07 Feb 2023 01:41:40 GMT
last-modified: Fri, 18 Sep 2020 03:09:02 GMT
etag: "01b8f25462169ce676dd6aa2c04eb0cc"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _OdfMu6BNv50Ppsm4azsSV2v8Zi_j3F0GZgAq4JRe5twV7X7NsMXmw==
age: 36894
X-Firefox-Spdy: h2
news.cts.com.tw/api/slide_news_jsonp.json?t=1675771043&callback=callback_slidenews&_=1675771042511
54.230.111.33301 Moved Permanently 167 B URL HTTP/1.1 news.cts.com.tw/api/slide_news_jsonp.json?t=1675771043&callback=callback_slidenews&_=1675771042511
IP 54.230.111.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/slide_news_jsonp.json?t=1675771043&callback=callback_slidenews&_=1675771042511 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://news.cts.com.tw/api/slide_news_jsonp.json?t=1675771043&callback=callback_slidenews&_=1675771042511
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Iao_mvxeRT-SmIi8YVbu9G39QqC2Ts6zNSB7_Oe2rJU4YfLEZ94mWA==
news.cts.com.tw/api/hotnews_realtime_block_jsonp.json?t=1675771043&callback=callback_hotnews_realtime&_=1675771042512
54.230.111.33301 Moved Permanently 167 B URL HTTP/1.1 news.cts.com.tw/api/hotnews_realtime_block_jsonp.json?t=1675771043&callback=callback_hotnews_realtime&_=1675771042512
IP 54.230.111.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/hotnews_realtime_block_jsonp.json?t=1675771043&callback=callback_hotnews_realtime&_=1675771042512 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://news.cts.com.tw/api/hotnews_realtime_block_jsonp.json?t=1675771043&callback=callback_hotnews_realtime&_=1675771042512
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dnctzG2PywoFBtTLSmI3v5EumCePYUO17YNWC8h61Ngx_Wjkl-GrOg==
news.cts.com.tw/api/news_recommend_jsonp.json?t=?t=1675771043&callback=callback_recommend&_=1675771042513
54.230.111.33301 Moved Permanently 167 B URL HTTP/1.1 news.cts.com.tw/api/news_recommend_jsonp.json?t=?t=1675771043&callback=callback_recommend&_=1675771042513
IP 54.230.111.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/news_recommend_jsonp.json?t=?t=1675771043&callback=callback_recommend&_=1675771042513 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://news.cts.com.tw/api/news_recommend_jsonp.json?t=?t=1675771043&callback=callback_recommend&_=1675771042513
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NZZLrHKaLDjj7xk3fD1gBhIb7UsFVEjvwCJj5GCzuuapimoDFux0sQ==
news.cts.com.tw/api/cts2018-right-topic.json?t=1675771043&callback=callback_rightTopic&_=1675771042514
54.230.111.33301 Moved Permanently 167 B URL HTTP/1.1 news.cts.com.tw/api/cts2018-right-topic.json?t=1675771043&callback=callback_rightTopic&_=1675771042514
IP 54.230.111.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/cts2018-right-topic.json?t=1675771043&callback=callback_rightTopic&_=1675771042514 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://news.cts.com.tw/api/cts2018-right-topic.json?t=1675771043&callback=callback_rightTopic&_=1675771042514
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s9xQEKldHsr0_i0EH-6_8QFbGiuiOo-rUbbCX2mXnhvSVZpBLbtOFg==
news.cts.com.tw/api/keywords_jsonp.json?t=2&callback=callback_keywords&_=1675771042515
54.230.111.33301 Moved Permanently 167 B URL HTTP/1.1 news.cts.com.tw/api/keywords_jsonp.json?t=2&callback=callback_keywords&_=1675771042515
IP 54.230.111.33:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/keywords_jsonp.json?t=2&callback=callback_keywords&_=1675771042515 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://news.cts.com.tw/api/keywords_jsonp.json?t=2&callback=callback_keywords&_=1675771042515
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -TDqBFf6CDY5Ekf9jTnXRKhvr1vaoQrLvEjgov5ytqG38IG-H2YFHA==
www.cts.com.tw/api/news_lei_4s.json?t=271157&callback=callback_4s&_=1675771042516
54.230.111.9301 Moved Permanently 167 B URL HTTP/1.1 www.cts.com.tw/api/news_lei_4s.json?t=271157&callback=callback_4s&_=1675771042516
IP 54.230.111.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/news_lei_4s.json?t=271157&callback=callback_4s&_=1675771042516 HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.cts.com.tw/api/news_lei_4s.json?t=271157&callback=callback_4s&_=1675771042516
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FKQjaCX7mzwE-01Algs_GdBW1r4L7jP41I0UwduQrqvcrC2mXBDT0A==
www.cts.com.tw/api/weather_list.json?t=27&callback=callback_weather&_=1675771042517
54.230.111.9301 Moved Permanently 167 B URL HTTP/1.1 www.cts.com.tw/api/weather_list.json?t=27&callback=callback_weather&_=1675771042517
IP 54.230.111.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/weather_list.json?t=27&callback=callback_weather&_=1675771042517 HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.cts.com.tw/api/weather_list.json?t=27&callback=callback_weather&_=1675771042517
X-Cache: Redirect from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9i-TSNzt-0T94eofuDB-L84Bf17TRXzPnEW5WQ6LyAssUQfTWz_fjQ==
api.popin.cc/searchbox/cts_tw.js
119.63.193.220200 OK 37 kB URL HTTP/1.1 api.popin.cc/searchbox/cts_tw.js
IP 119.63.193.220:0
File type Unicode text, UTF-8 text, with very long lines (65329)
Hash 6e4fb9107bc39b99dc64bf627c07dfca
c76074c81929b474b99c99066c51808e305a4b54
cbf59cf9b39afacbd71c350e7c72902b760dfd13a76df08a3a9e311544b7482c
GET /searchbox/cts_tw.js HTTP/1.1
Host: api.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 11:56:33 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 01 Dec 2022 10:24:23 GMT
ETag: W/"a0298a00c0d3915d8d8b872d14c9fcbe"
Cache-Control: max-age=3600
x-amz-version-id: J42pftzPqJkLw5Qpl._7bASO7tFW7IQf
Expires: Tue, 07 Feb 2023 12:56:33 GMT
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Cache-Status: HIT from 10.252.55.25
Content-Encoding: gzip
www.cts.com.tw/api/news_lei_4s.json?t=271157&callback=callback_4s&_=1675771042516
54.230.111.9200 OK 15 B URL HTTP/2 www.cts.com.tw/api/news_lei_4s.json?t=271157&callback=callback_4s&_=1675771042516
IP 54.230.111.9:0
File type ASCII text, with no line terminators
Hash e4d0399918bb256e8574627e5e8132a1
0f997a09dcfbff2caf7cdddac5254d887eadc5b2
295f809593e0f175fe9b1d4ebc3f1c1debe6a999fea7487067e03dcd102aa663
GET /api/news_lei_4s.json?t=271157&callback=callback_4s&_=1675771042516 HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 15
date: Tue, 07 Feb 2023 11:56:33 GMT
accept-ranges: bytes
etag: "2101827238"
last-modified: Tue, 07 Feb 2023 11:54:01 GMT
expires: Tue, 07 Feb 2023 12:01:33 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bHWKDIVq5U6ueLu_x_luCp71NiXObFv1p0eOmmExRodqqGu5AstHjQ==
X-Firefox-Spdy: h2
www.cts.com.tw/api/news_realtime_marquee.json?t=271157&callback=callback_realtime&_=1675771042518
54.230.111.9301 Moved Permanently 167 B URL HTTP/1.1 www.cts.com.tw/api/news_realtime_marquee.json?t=271157&callback=callback_realtime&_=1675771042518
IP 54.230.111.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /api/news_realtime_marquee.json?t=271157&callback=callback_realtime&_=1675771042518 HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:34 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.cts.com.tw/api/news_realtime_marquee.json?t=271157&callback=callback_realtime&_=1675771042518
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xl-EfNWDrD3i4sKWyO8uAydeT67XG3Fe97mDXg_7Tc1thn9VuZY5Dw==
www.cts.com.tw/images/2018cts/newslist-deco.png
54.230.111.9200 OK 237 B URL HTTP/2 www.cts.com.tw/images/2018cts/newslist-deco.png
IP 54.230.111.9:0
File type PNG image data, 8 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e13909033e7b3cb2407f3a934f48b6e
d0271b45be2fd18e1cb5f8102af4e57186cab293
f5a996af5bfe4a512ec14b667964b08aacafd42f45f49314c7ee39fa02429762
GET /images/2018cts/newslist-deco.png HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.cts.com.tw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 237
date: Thu, 02 Feb 2023 07:38:38 GMT
accept-ranges: bytes
etag: "2517833433"
last-modified: Fri, 07 Sep 2018 02:47:47 GMT
expires: Thu, 09 Feb 2023 07:38:38 GMT
cache-control: max-age=604800
server: lighttpd/1.4.53
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gNFREgM7pvjtn-faDImAnPbUlCcSQzT-2whL41_VT6S7gmvNYRBnbw==
age: 447476
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 11:50:54 GMT
expires: Tue, 07 Feb 2023 12:05:54 GMT
cache-control: public, max-age=900
age: 340
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 282 B IP 172.64.155.188:0
Hash 17d64f40fafb0aed3243459af92a86ec
96e646d72f4806e2b1e286df280c665c831e0007
1e456d7bd8f42ea873be9b593b3d15cfa0ee5923cbac3e91ce77522012b0254c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:34 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 10:30:47 GMT
Expires: Tue, 14 Feb 2023 10:30:46 GMT
Etag: "96e646d72f4806e2b1e286df280c665c831e0007"
Cache-Control: max-age=599051,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795bf167ef8fb51d-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.popin.cc/td_js_sdk_171.js
119.63.193.220200 OK 13 kB URL HTTP/1.1 api.popin.cc/td_js_sdk_171.js
IP 119.63.193.220:0
File type ASCII text, with very long lines (15820)
Hash f8c04fbcd2a9a8decb5575efb7579613
25b9b4daa00ce4f2393123574211b07dfdf666d2
ca3918c559732ff63c526b8a42b4033c38a6001894d315775fe70db6d0851038
GET /td_js_sdk_171.js HTTP/1.1
Host: api.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 11:56:34 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
Cache-Control: max-age=3600
x-amz-version-id: null
Expires: Tue, 07 Feb 2023 12:56:34 GMT
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Cache-Status: HIT from 10.252.55.25
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 07 Feb 2023 11:56:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c0c18b789b296a2b3cc9adb04c94e6f7
a0fa241f813c414178f5dffd30d5c2b82d16669b
95ec61ae9d1384fdbcee256ec441d6db4e3243ed3f8e1801b3607ce3c2e1e3f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/dmR7aMZhpUGxXU8vYsM9MYWlbSW0lxfxjbRhFsF7E9Q.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/dmR7aMZhpUGxXU8vYsM9MYWlbSW0lxfxjbRhFsF7E9Q.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35901)
Hash f48d26fa9ad0d03051b76570c1ceb3f4
c655b97693149f733e24548b380b652967720939
5f1167fdda70ef7585fcc20b8c7a0a371ceefa2b28ba80c4115e69e3f7a006c9
GET /js/th/dmR7aMZhpUGxXU8vYsM9MYWlbSW0lxfxjbRhFsF7E9Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14207
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 06:08:19 GMT
expires: Thu, 01 Feb 2024 06:08:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
age: 539295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash dc6476047a6e289ed74b87d83b90d863
e6b0b1ee31e8a66e89214d5883eb08c82d0c9302
624a1fa845d9543324e80e4667a0bd25ae9f57bb3ccb109670928b7e53d4347e
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 07 Feb 2023 11:56:34 GMT
server: ESF
cache-control: private
content-length: 30809
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
news.cts.com.tw/photo/cts/202302/202302052138815_wm.jpg
54.230.111.9200 OK 10 kB URL HTTP/2 news.cts.com.tw/photo/cts/202302/202302052138815_wm.jpg
IP 54.230.111.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 180x101, components 3\012- data
Hash 96a94c5a260912521687915e3fb25778
956c48f6a070531345afbcbe5aa44b7e65a74f5d
8dc3298452e1c9c5eaec5a6a2a19ccc7b19804c913634b881438b4f431a78a4f
GET /photo/cts/202302/202302052138815_wm.jpg HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10158
date: Tue, 07 Feb 2023 11:56:34 GMT
accept-ranges: bytes
etag: "697474617"
last-modified: Sun, 05 Feb 2023 10:44:13 GMT
expires: Tue, 14 Feb 2023 11:56:34 GMT
cache-control: max-age=604800
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xv_kKuAsnH9g61lb8CFDsroS-yn_o2-lvu6mmp1HPPdEr7GTO-mLfw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d1aa4ad88ba34d800f450aa8b3c8e8d
3146a99bf109d80817ecde097dd2a9f15f44b0df
417352ca073e3ce602b656facbc706f9c2188f8c4d2a0bdc6dccf77bc27c0ea6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d1aa4ad88ba34d800f450aa8b3c8e8d
3146a99bf109d80817ecde097dd2a9f15f44b0df
417352ca073e3ce602b656facbc706f9c2188f8c4d2a0bdc6dccf77bc27c0ea6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d8fdc3f3fcd0a67e69f28b56f4f0c65
4971af943010d5bbb9d714deef8c44597f6b3092
3342a5a542b3dcd7f44f490609d077b00aad3be7d1ce6474073a9f589c32e403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/iTcHlxwdkr8--Is7A29DBpxDBiv36JHEG_YZowrEbPmpckb5jlQn93qYiHLPUjubzFoAxgj9=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.8 kB URL HTTP/2 yt3.ggpht.com/iTcHlxwdkr8--Is7A29DBpxDBiv36JHEG_YZowrEbPmpckb5jlQn93qYiHLPUjubzFoAxgj9=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 8f3fc9b47672417d74982d0cafc7dd06
987d3aacd472604cb12114da83ed82462d820d89
1ccc2c0be0715b88ab7829b36592ec3d2db23c092170e28db51040376d5c1a54
GET /iTcHlxwdkr8--Is7A29DBpxDBiv36JHEG_YZowrEbPmpckb5jlQn93qYiHLPUjubzFoAxgj9=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3827
x-xss-protection: 0
date: Tue, 07 Feb 2023 11:12:26 GMT
expires: Tue, 24 Jan 2023 10:00:12 GMT
cache-control: public, max-age=86400, no-transform
age: 2648
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-B5S0TX9D32>m=45je3210&_p=1248360976&cid=368411405.1675771043&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675771043&sct=1&seg=0&dl=http%3A%2F%2Ffziccordim.cyou%2F&dt=fziccordim.cyou&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-B5S0TX9D32>m=45je3210&_p=1248360976&cid=368411405.1675771043&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675771043&sct=1&seg=0&dl=http%3A%2F%2Ffziccordim.cyou%2F&dt=fziccordim.cyou&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-B5S0TX9D32>m=45je3210&_p=1248360976&cid=368411405.1675771043&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675771043&sct=1&seg=0&dl=http%3A%2F%2Ffziccordim.cyou%2F&dt=fziccordim.cyou&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fziccordim.cyou
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://fziccordim.cyou
date: Tue, 07 Feb 2023 11:56:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
news.cts.com.tw/api/news_recommend_jsonp.json?t=?t=1675771043&callback=callback_recommend&_=1675771042513
54.230.111.9200 OK 7.3 kB URL HTTP/2 news.cts.com.tw/api/news_recommend_jsonp.json?t=?t=1675771043&callback=callback_recommend&_=1675771042513
IP 54.230.111.9:0
Hash 6e21290c4e9ca806da499178c08894be
b13a7f2b64716a5a7dd47cafc175b620e8575a62
d808418d25faeb63e4ed6eb70de7ab7ebad9a3bd14f29c621d4ee0949959a23c
GET /api/news_recommend_jsonp.json?t=?t=1675771043&callback=callback_recommend&_=1675771042513 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 07 Feb 2023 11:56:33 GMT
etag: W/"1461917002"
last-modified: Tue, 07 Feb 2023 11:48:02 GMT
expires: Tue, 07 Feb 2023 12:01:33 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YDYlw4AGoHP994sNIN2i980P6FsXD7qrbUP27TD7sJQeof2LVFi2Qg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5d8fdc3f3fcd0a67e69f28b56f4f0c65
4971af943010d5bbb9d714deef8c44597f6b3092
3342a5a542b3dcd7f44f490609d077b00aad3be7d1ce6474073a9f589c32e403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cts.com.tw/images/w_icon03.svg
54.230.111.9301 Moved Permanently 167 B URL HTTP/1.1 www.cts.com.tw/images/w_icon03.svg
IP 54.230.111.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /images/w_icon03.svg HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:34 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.cts.com.tw/images/w_icon03.svg
X-Cache: Redirect from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6IUbChmoPo2w5dBxHmmPH8xRXsWC6JX4nXgUZQUDKQmE3B-eh997Rg==
news.cts.com.tw/api/slide_news_jsonp.json?t=1675771043&callback=callback_slidenews&_=1675771042511
54.230.111.9200 OK 1.1 kB URL HTTP/2 news.cts.com.tw/api/slide_news_jsonp.json?t=1675771043&callback=callback_slidenews&_=1675771042511
IP 54.230.111.9:0
File type ASCII text, with very long lines (5597), with no line terminators
Hash 7ffeccfff43e195a6a42c4bc3cfbb8eb
d2819aecb81ac1c8eabfec0000ebae6e3783b04b
3b6dec1c34b0d4de1f9240f665df22db2d71837cc1f5146bb760e03bd26e4f58
GET /api/slide_news_jsonp.json?t=1675771043&callback=callback_slidenews&_=1675771042511 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 07 Feb 2023 11:56:34 GMT
etag: W/"3556840593"
last-modified: Tue, 07 Feb 2023 11:48:01 GMT
expires: Tue, 07 Feb 2023 12:01:34 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nN09vlUA-zUPTluUJFe9GGbZ9pgeIFWmOZAM7AA_Deb-um6XcBm_3w==
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6d10af455defe97e505c128116487d22
f6540bc98538a678fb6b8cab1ddd11164700e243
ce3eb161d613f13f983e76c20ab55301596d98c179ce0c3b201055473239cd33
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1270
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 07 Feb 2023 11:56:34 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.popin.cc/popin_discovery5-min.js
119.63.193.220200 OK 43 kB URL HTTP/1.1 api.popin.cc/popin_discovery5-min.js
IP 119.63.193.220:0
File type Unicode text, UTF-8 text, with very long lines (65212), with no line terminators
Hash 10985f901f1dfa538eb79c58a7696d28
e701c1293f0732ddebf0cfcf58a787fad98bc6da
49976a4ed1005aac3f0c6021d70cc0e11a78a5503759978192ec244920c79157
GET /popin_discovery5-min.js HTTP/1.1
Host: api.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 11:56:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 04 Jan 2023 06:45:28 GMT
ETag: W/"dea14647ed42ad93bfc3d619993107a4"
x-amz-version-id: rMjFgUNkSodLPiS9pNV2rTlSUT0KRhgZ
Expires: Tue, 07 Feb 2023 12:56:34 GMT
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Cache-Status: HIT from 10.252.55.44
Content-Encoding: gzip
news.cts.com.tw/api/cts2018-right-topic.json?t=1675771043&callback=callback_rightTopic&_=1675771042514
54.230.111.9200 OK 14 kB URL HTTP/2 news.cts.com.tw/api/cts2018-right-topic.json?t=1675771043&callback=callback_rightTopic&_=1675771042514
IP 54.230.111.9:0
Hash eb3626063517b4c7d63894a518f4a278
216fb4ac606e4186c1e91c4a66b5ba9f9900a232
dbf7373b0ea7550e9b1262901dfb0b1d5a9aab8840887d221be8b5776568e73e
GET /api/cts2018-right-topic.json?t=1675771043&callback=callback_rightTopic&_=1675771042514 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 07 Feb 2023 11:56:33 GMT
etag: W/"1730289968"
last-modified: Tue, 07 Feb 2023 11:55:19 GMT
expires: Tue, 07 Feb 2023 12:01:33 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yWPBci5dZ68Hj7Ln5WEKNbYtPjca0ZlUv760X2G7riJOSc-l7lH3Rg==
X-Firefox-Spdy: h2
news.cts.com.tw/photo/cts/202302/202302042138594_wm.jpg
54.230.111.9200 OK 11 kB URL HTTP/2 news.cts.com.tw/photo/cts/202302/202302042138594_wm.jpg
IP 54.230.111.9:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, baseline, precision 8, 180x101, components 3\012- data
Hash 4d4f11a8150e312c33aed9cc79936a7d
2fff68674f8bf034f768a6863d5347c53c5c402f
946105f485033ce2a3d4e0e16faf33771f51e9eea93221ea18c3abde23f863d0
GET /photo/cts/202302/202302042138594_wm.jpg HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11284
date: Tue, 07 Feb 2023 11:56:34 GMT
accept-ranges: bytes
etag: "1852980907"
last-modified: Sat, 04 Feb 2023 12:00:24 GMT
expires: Tue, 14 Feb 2023 11:56:34 GMT
cache-control: max-age=604800
server: lighttpd/1.4.53
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jn45F9DHxqXe4XhFDIJIvDTuKFXcbkqzjb2lQyqR4IfqxbOuM_AMHA==
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f287a46ea14c24b99558832d77fe4898
ea25f8e99c7a3d4fec24404f7d306cc9f9126a0b
1116b75845485d78b53d1cd2c6cb697ba622a27b10b41494f8aad96d636b5e67
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 11:56:34 GMT
Ali-Swift-Global-Savetime: 1675770994
Via: cache20.l2de2[3,3,200-0,M], cache20.l2de2[4,0], cache3.se1[27,26,200-0,M], cache3.se1[28,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 07 Feb 2023 11:56:34 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716757709947106608e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f287a46ea14c24b99558832d77fe4898
ea25f8e99c7a3d4fec24404f7d306cc9f9126a0b
1116b75845485d78b53d1cd2c6cb697ba622a27b10b41494f8aad96d636b5e67
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 11:56:34 GMT
Ali-Swift-Global-Savetime: 1675770994
Via: cache26.l2de2[296,296,200-0,M], cache26.l2de2[297,0], cache3.se1[319,319,200-0,M], cache3.se1[320,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 07 Feb 2023 11:56:34 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716757709944566340e
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f287a46ea14c24b99558832d77fe4898
ea25f8e99c7a3d4fec24404f7d306cc9f9126a0b
1116b75845485d78b53d1cd2c6cb697ba622a27b10b41494f8aad96d636b5e67
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 07 Feb 2023 11:56:34 GMT
Last-Modified: Mon, 06 Feb 2023 23:37:06 GMT
ETag: "63e18f22-1d7"
Expires: Wed, 08 Feb 2023 23:37:06 GMT
Cache-Control: max-age=128432
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1675770994
Via: cache4.l2de2[294,293,200-0,M], cache4.l2de2[295,0], cache4.se1[317,317,200-0,M], cache4.se1[319,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 07 Feb 2023 11:56:34 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9816757709944611880e
log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im5ld3MuY3RzLmNvbS50dyIsInVybCI6Imh0dHA6Ly9memljY29yZGltLmN5b3UvIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF90aXRsZSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkZpcmVmb3giLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDUuMC4wIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIn0=&t=1675771043403
119.63.198.143200 OK 66 B URL HTTP/2 log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im5ld3MuY3RzLmNvbS50dyIsInVybCI6Imh0dHA6Ly9memljY29yZGltLmN5b3UvIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF90aXRsZSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkZpcmVmb3giLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDUuMC4wIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIn0=&t=1675771043403
IP 119.63.198.143:0
File type PC bitmap, Windows 3.x format, 1 x 1 x 1, image size 4, cbSize 66, bits offset 62\012- data
Hash 7c62116208fd10b243e77e186f4163c6
179106268a896c22cace0e460a834b99c6e28baf
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
GET /log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im5ld3MuY3RzLmNvbS50dyIsInVybCI6Imh0dHA6Ly9memljY29yZGltLmN5b3UvIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF90aXRsZSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkZpcmVmb3giLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDUuMC4wIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIn0=&t=1675771043403 HTTP/1.1
Host: log.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.13.5
date: Tue, 07 Feb 2023 11:56:34 GMT
content-type: image/jpeg
content-length: 66
last-modified: Thu, 13 Dec 2018 07:19:53 GMT
etag: "5c120819-42"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibmV3cy5jdHMuY29tLnR3IiwidXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJsb2MiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX29zIjoiV2luZG93cyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAifQ==&t=1675771043401
119.63.198.143200 OK 66 B URL HTTP/2 log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibmV3cy5jdHMuY29tLnR3IiwidXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJsb2MiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX29zIjoiV2luZG93cyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAifQ==&t=1675771043401
IP 119.63.198.143:0
File type PC bitmap, Windows 3.x format, 1 x 1 x 1, image size 4, cbSize 66, bits offset 62\012- data
Hash 7c62116208fd10b243e77e186f4163c6
179106268a896c22cace0e460a834b99c6e28baf
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
GET /log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibmV3cy5jdHMuY29tLnR3IiwidXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJsb2MiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX29zIjoiV2luZG93cyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAifQ==&t=1675771043401 HTTP/1.1
Host: log.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.13.5
date: Tue, 07 Feb 2023 11:56:34 GMT
content-type: image/jpeg
content-length: 66
last-modified: Thu, 13 Dec 2018 07:19:53 GMT
etag: "5c120819-42"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.44.205200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash f287a46ea14c24b99558832d77fe4898
ea25f8e99c7a3d4fec24404f7d306cc9f9126a0b
1116b75845485d78b53d1cd2c6cb697ba622a27b10b41494f8aad96d636b5e67
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 11:56:34 GMT
Ali-Swift-Global-Savetime: 1675770995
Via: cache25.l2de2[472,471,200-0,M], cache25.l2de2[472,0], cache3.se1[493,493,200-0,M], cache3.se1[495,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 07 Feb 2023 11:56:35 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9716757709945456455e
www.cts.com.tw/images/w_icon03.svg
54.230.111.9200 OK 1.0 kB URL HTTP/2 www.cts.com.tw/images/w_icon03.svg
IP 54.230.111.9:0
Hash 5938ba7ff3840f44d96f5dfc8a0ffd3b
99b0a9aa52b770298e38fbc8872050b9eb9ad665
4e50cc374409a418810ee1b5995064c1397b7ca2df8030bd1dd90824c5b341d1
GET /images/w_icon03.svg HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 07 Feb 2023 11:56:34 GMT
etag: W/"1776222174"
last-modified: Tue, 28 Aug 2018 07:38:35 GMT
expires: Tue, 14 Feb 2023 11:56:34 GMT
cache-control: max-age=604800
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DpDKmC2mpfqRJX6PeGS1ptrtzh928QNPzsHKjvjhdICOyqrBVUvofw==
X-Firefox-Spdy: h2
www.cts.com.tw/js/mobile-detect.min.js
54.230.111.9200 OK 18 kB URL HTTP/2 www.cts.com.tw/js/mobile-detect.min.js
IP 54.230.111.9:0
File type ASCII text, with very long lines (33237)
Hash 56fec283b399e50e72044a8daf48439c
cc41559c3142b100816e137b0fd0b22b56e863c6
eaabd0a644fe29d9ee24b29ebbec10c951173289b72134ab81b10b7019a2495f
GET /js/mobile-detect.min.js HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 07 Feb 2023 11:56:33 GMT
etag: W/"656034630"
last-modified: Fri, 24 Apr 2020 04:51:10 GMT
expires: Tue, 07 Feb 2023 12:56:32 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7USeH5qZDdiAUsayMPqmZxfhrtCYD-ZzvVHY204n00uKxhoZTOVsHw==
X-Firefox-Spdy: h2
sb.scorecardresearch.com/cs/37296060/beacon.js
54.230.111.125302 Found 0 B URL HTTP/2 sb.scorecardresearch.com/cs/37296060/beacon.js
IP 54.230.111.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cs/37296060/beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
date: Tue, 07 Feb 2023 11:56:35 GMT
location: /internal-cs/default/beacon.js
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _vqQdiQoRkG7ehw8iqD2QjOOf2PNCiNjPrBZe9vMV7Ip-btZHYE-OQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9a60d6016cd998299b6665a91c01695f
6602b5a94afbe5ff3b999196d726e6424db77339
e290f612ebf43358e7d4e0f9f329f6d4b17550c61f7e0e0e62a5e6b57a42f260
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4598
Cache-Control: max-age=109989
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:35 GMT
Etag: "63e13522-1d7"
Expires: Wed, 08 Feb 2023 18:29:44 GMT
Last-Modified: Mon, 06 Feb 2023 17:13:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9a60d6016cd998299b6665a91c01695f
6602b5a94afbe5ff3b999196d726e6424db77339
e290f612ebf43358e7d4e0f9f329f6d4b17550c61f7e0e0e62a5e6b57a42f260
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4040
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:35 GMT
Last-Modified: Tue, 07 Feb 2023 10:49:15 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Ek9KKdlrmOIC+cJy9/jgtWLBGWuw5b9SEOSM2aYSWWsNdrJ2mRmXMLK1vm0bIsPN2t7/w4RDXZx9/voZWbpB3g==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Tue, 07 Feb 2023 11:56:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/zh_TW/sdk.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/zh_TW/sdk.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash c1181f82f469e15981d974318f0daab2
ea15089423c47da0ec7c7b886d664179a3ca17d6
075a9abd27961875914a71810b7f025269f660ca463185fccd6024e525a2cb74
GET /zh_TW/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 98f58e1deba1aa422ed8d39ab2d5cb15
etag: "bf2fee3839e4a78952c94ec1c5fee95b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 07 Feb 2023 12:05:51 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: wRgfgvRp4VmB2XQxjw2qsg==
x-fb-debug: 0AWKrMPmZL4j9OqDUTb3qN/vwRp1UhJN9smU2dUNrV46vhpbwgpF95HR8jZN1y1bKnjLAvxV8Pfh6Gq5DTMnug==
priority: u=3,i
content-length: 1689
x-fb-trip-id: 1679558926
date: Tue, 07 Feb 2023 11:56:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9a60d6016cd998299b6665a91c01695f
6602b5a94afbe5ff3b999196d726e6424db77339
e290f612ebf43358e7d4e0f9f329f6d4b17550c61f7e0e0e62a5e6b57a42f260
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4598
Cache-Control: max-age=109989
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:35 GMT
Etag: "63e13522-1d7"
Expires: Wed, 08 Feb 2023 18:29:44 GMT
Last-Modified: Mon, 06 Feb 2023 17:13:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
adservice.google.com/adsid/integrator.js?domain=fziccordim.cyou
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=fziccordim.cyou
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=fziccordim.cyou HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 07 Feb 2023 11:56:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.dable.io/dist/lazysizes.min.js
104.110.26.183200 OK 3.5 kB URL HTTP/1.1 static.dable.io/dist/lazysizes.min.js
IP 104.110.26.183:0
File type ASCII text, with very long lines (7862)
Hash 43ccdc6c872ea1612d3117daf06d5f5c
6e819a4ca92c452f4babff3effd2ffc7a7e61cad
344d24df8a1754b48b7afe09446fca31472010c447dcede3db74c8065ccfb357
GET /dist/lazysizes.min.js HTTP/1.1
Host: static.dable.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/javascript
ETag: "45bacd312d5098b4b59f563d8756c15d"
Last-Modified: Tue, 11 Oct 2022 08:24:14 GMT
Server: nginx/1.20.0
x-amz-id-2: M5y0y7r9fXGWnXNbuL1iZq6uqqLGvZB/MBIl0UUSC3Q4fscabv/JsyWbmi+3ituhcoywQ+ZY4Xc=
x-amz-request-id: H85JDPX18PR73DVW
x-amz-version-id: oQjE9Cgu.fDP9JoPsarsDPwE_iWbT35Q
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 07 Feb 2023 11:56:35 GMT
Content-Length: 3494
Connection: keep-alive
ec34ffc962b2c16d91902805e1d14328.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 ec34ffc962b2c16d91902805e1d14328.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: ec34ffc962b2c16d91902805e1d14328.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Tue, 07 Feb 2023 11:56:35 GMT
expires: Wed, 07 Feb 2024 11:56:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f2959d9b9400a4644b875fe38dc42410
9d97b305dafb650dc275edcc898d5bd111316148
525ba52edb1671d4632fea8985ced29b62ad0a9e4cf5ff34d1d3b694c92f7a22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5972
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:35 GMT
Last-Modified: Tue, 07 Feb 2023 10:17:03 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1675771045205&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEyLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEyLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsImxvZ2lkIjoiMDhjZTZmMGYtOWJhOS00Y2NjLWE0MzktMTNhOTE2MWE3Y2UxIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback0
52.203.62.160200 OK 89 B URL HTTP/1.1 in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1675771045205&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEyLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEyLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsImxvZ2lkIjoiMDhjZTZmMGYtOWJhOS00Y2NjLWE0MzktMTNhOTE2MWE3Y2UxIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback0
IP 52.203.62.160:0
File type ASCII text, with no line terminators
Hash 1aab68895d622f0676a77d85793daa71
7939e759c1b05f6237c55b10363610c9a5048e30
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
GET /js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1675771045205&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoiIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEyLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEyLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsImxvZ2lkIjoiMDhjZTZmMGYtOWJhOS00Y2NjLWE0MzktMTNhOTE2MWE3Y2UxIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback0 HTTP/1.1
Host: in.treasuredata.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Content-Type: application/javascript
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 07 Feb 2023 11:56:35 GMT
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Set-Cookie: _td_global=03021554-e549-4357-85e6-56a1b5a9dc34; Path=/; Expires=Thu, 06 Feb 2025 11:56:35 GMT; Domain=in.treasuredata.com
Content-Length: 89
Connection: keep-alive
log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im5ld3MuY3RzLmNvbS50dyIsInVybCI6Imh0dHA6Ly9memljY29yZGltLmN5b3UvIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1675771045195
119.63.198.143200 OK 66 B URL HTTP/2 log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im5ld3MuY3RzLmNvbS50dyIsInVybCI6Imh0dHA6Ly9memljY29yZGltLmN5b3UvIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1675771045195
IP 119.63.198.143:0
File type PC bitmap, Windows 3.x format, 1 x 1 x 1, image size 4, cbSize 66, bits offset 62\012- data
Hash 7c62116208fd10b243e77e186f4163c6
179106268a896c22cace0e460a834b99c6e28baf
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
GET /log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im5ld3MuY3RzLmNvbS50dyIsInVybCI6Imh0dHA6Ly9memljY29yZGltLmN5b3UvIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1675771045195 HTTP/1.1
Host: log.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Cookie: uid=36ae1c651f96b49f8391675771043397
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.13.5
date: Tue, 07 Feb 2023 11:56:35 GMT
content-type: image/jpeg
content-length: 66
last-modified: Thu, 13 Dec 2018 07:19:53 GMT
etag: "5c120819-42"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ytimg.com/vi/J-0eSrOlMCw/sddefault.jpg
142.250.74.182200 OK 66 B URL HTTP/2 i.ytimg.com/vi/J-0eSrOlMCw/sddefault.jpg
IP 142.250.74.182:0
File type PC bitmap, Windows 3.x format, 1 x 1 x 1, image size 4, cbSize 66, bits offset 62\012- data
Hash 7c62116208fd10b243e77e186f4163c6
179106268a896c22cace0e460a834b99c6e28baf
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
GET /vi/J-0eSrOlMCw/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 59213
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 11:56:34 GMT
expires: Tue, 07 Feb 2023 13:56:34 GMT
cache-control: public, max-age=7200
etag: "1663847471"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibmV3cy5jdHMuY29tLnR3IiwidXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJsb2dpZCI6IjA4Y2U2ZjBmLTliYTktNGNjYy1hNDM5LTEzYTkxNjFhN2NlMSIsInVpZCI6IjM2YWUxYzY1MWY5NmI0OWY4MzkxNjc1NzcxMDQzMzk3IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTI4MHgxMDI0IiwidGRfdmlld3BvcnQiOiIxMjgweDkzOSIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJmemljY29yZGltLmN5b3UiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkZpcmVmb3giLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDUuMC4wIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjM3YmRlZmI1LTBjYjAtNGFiMS1iYWZkLTBjNTk3MmJhMTJiOCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1675771045209
119.63.198.143200 OK 66 B URL HTTP/2 log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibmV3cy5jdHMuY29tLnR3IiwidXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJsb2dpZCI6IjA4Y2U2ZjBmLTliYTktNGNjYy1hNDM5LTEzYTkxNjFhN2NlMSIsInVpZCI6IjM2YWUxYzY1MWY5NmI0OWY4MzkxNjc1NzcxMDQzMzk3IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTI4MHgxMDI0IiwidGRfdmlld3BvcnQiOiIxMjgweDkzOSIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJmemljY29yZGltLmN5b3UiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkZpcmVmb3giLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDUuMC4wIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjM3YmRlZmI1LTBjYjAtNGFiMS1iYWZkLTBjNTk3MmJhMTJiOCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1675771045209
IP 119.63.198.143:0
File type PC bitmap, Windows 3.x format, 1 x 1 x 1, image size 4, cbSize 66, bits offset 62\012- data
Hash 7c62116208fd10b243e77e186f4163c6
179106268a896c22cace0e460a834b99c6e28baf
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
GET /log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibmV3cy5jdHMuY29tLnR3IiwidXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJsb2dpZCI6IjA4Y2U2ZjBmLTliYTktNGNjYy1hNDM5LTEzYTkxNjFhN2NlMSIsInVpZCI6IjM2YWUxYzY1MWY5NmI0OWY4MzkxNjc1NzcxMDQzMzk3IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTI4MHgxMDI0IiwidGRfdmlld3BvcnQiOiIxMjgweDkzOSIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cDovL2Z6aWNjb3JkaW0uY3lvdS8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjAiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJmemljY29yZGltLmN5b3UiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkZpcmVmb3giLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDUuMC4wIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjM3YmRlZmI1LTBjYjAtNGFiMS1iYWZkLTBjNTk3MmJhMTJiOCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1675771045209 HTTP/1.1
Host: log.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Cookie: uid=36ae1c651f96b49f8391675771043397
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.13.5
date: Tue, 07 Feb 2023 11:56:35 GMT
content-type: image/jpeg
content-length: 66
last-modified: Thu, 13 Dec 2018 07:19:53 GMT
etag: "5c120819-42"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
52.37.87.100302 0 B URL HTTP/1.1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
IP 52.37.87.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x.png HTTP/1.1
Host: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 302
Date: Tue, 07 Feb 2023 11:56:35 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: http://a71a0bb0ce0a1f3f8805c06a53c3e9db4.profile.nrt12-c4.cloudfront.net/test.png
Server: Server
log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZF9wYyIsImV4cGVjdGVkX2FkIjo2LCJyZW5kZXJlZF9hZCI6NCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsImxvZ2lkIjoiMDhjZTZmMGYtOWJhOS00Y2NjLWE0MzktMTNhOTE2MWE3Y2UxIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1675771045230
119.63.198.143200 OK 66 B URL HTTP/2 log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZF9wYyIsImV4cGVjdGVkX2FkIjo2LCJyZW5kZXJlZF9hZCI6NCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsImxvZ2lkIjoiMDhjZTZmMGYtOWJhOS00Y2NjLWE0MzktMTNhOTE2MWE3Y2UxIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1675771045230
IP 119.63.198.143:0
File type PC bitmap, Windows 3.x format, 1 x 1 x 1, image size 4, cbSize 66, bits offset 62\012- data
Hash 7c62116208fd10b243e77e186f4163c6
179106268a896c22cace0e460a834b99c6e28baf
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
GET /log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZF9wYyIsImV4cGVjdGVkX2FkIjo2LCJyZW5kZXJlZF9hZCI6NCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsImxvZ2lkIjoiMDhjZTZmMGYtOWJhOS00Y2NjLWE0MzktMTNhOTE2MWE3Y2UxIiwidWlkIjoiMzZhZTFjNjUxZjk2YjQ5ZjgzOTE2NzU3NzEwNDMzOTciLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiRmlyZWZveCIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMzdiZGVmYjUtMGNiMC00YWIxLWJhZmQtMGM1OTcyYmExMmI4IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1675771045230 HTTP/1.1
Host: log.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Cookie: uid=36ae1c651f96b49f8391675771043397
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.13.5
date: Tue, 07 Feb 2023 11:56:35 GMT
content-type: image/jpeg
content-length: 66
last-modified: Thu, 13 Dec 2018 07:19:53 GMT
etag: "5c120819-42"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
api.dable.io/plugin/services/cts.com.tw%2Fpal-mate/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1
3.37.203.173200 OK 2.8 kB URL HTTP/2 api.dable.io/plugin/services/cts.com.tw%2Fpal-mate/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1
IP 3.37.203.173:0
Hash c0612ab843299e9d4936f5138eac597a
6de286b7544cf1d6f8f17390b2190ac83162b9ee
993ec24016a0098113c1a011bf0b0ebb6160c20b5be11a0fd86d15b30dc1fc03
GET /plugin/services/cts.com.tw%2Fpal-mate/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1 HTTP/1.1
Host: api.dable.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:56:35 GMT
content-type: text/javascript; charset=utf-8
server: istio-envoy
set-cookie: uid=76358236.1675770994329; Domain=.dable.io; Path=/; Expires=Fri, 06 Feb 2026 11:56:34 GMT; Secure; SameSite=None
_skp=1; Domain=.dable.io; Path=/; Expires=Wed, 08 Feb 2023 00:00:00 GMT; Secure; SameSite=None
_gg_ck_match=1; Domain=.dable.io; Path=/; Expires=Mon, 20 Feb 2023 00:00:00 GMT; Secure; SameSite=None
_nas_ck_match=1; Domain=.dable.io; Path=/; Expires=Mon, 20 Feb 2023 00:00:00 GMT; Secure; SameSite=None
_nh_ck_match=1; Domain=.dable.io; Path=/; Expires=Mon, 20 Feb 2023 00:00:00 GMT; Secure; SameSite=None
x-content-type-options: nosniff
etag: W/"31f-T60u8nR+Tfs8+tJIsU/GGXKVjNo"
content-encoding: gzip
x-envoy-upstream-service-time: 1158
x-envoy-decorator-operation: reco-api-service-local.reco-api.svc.cluster.local:80/*
X-Firefox-Spdy: h2
news.cts.com.tw/api/hotnews_realtime_block_jsonp.json?t=1675771043&callback=callback_hotnews_realtime&_=1675771042512
54.230.111.9200 OK 4.3 kB URL HTTP/2 news.cts.com.tw/api/hotnews_realtime_block_jsonp.json?t=1675771043&callback=callback_hotnews_realtime&_=1675771042512
IP 54.230.111.9:0
Hash 80424b5c0f5fa57a85cb48d8570bf672
96579d0e65da7199506f25a8b28179130d5a2785
3ea1695aed3ffcb088e75065d49cd080db27dc4f7790a0aeb32854d823e92483
GET /api/hotnews_realtime_block_jsonp.json?t=1675771043&callback=callback_hotnews_realtime&_=1675771042512 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 07 Feb 2023 11:56:34 GMT
etag: W/"1713395240"
last-modified: Tue, 07 Feb 2023 11:55:02 GMT
expires: Tue, 07 Feb 2023 12:01:34 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9IOwwvivU2jNbWSBxywji3L17dSNf1sDDcFGjq_xSRiluCgpdPVspA==
X-Firefox-Spdy: h2
r.popin.cc/s.gif?url=http%3A%2F%2Ffziccordim.cyou%2F&uid=&type=pc_channel_pv&nid=pc&media=news.cts.com.tw&r5=ch_standard_pc&t=1675771045229&tz=tw
119.63.198.188200 OK 35 B URL HTTP/1.1 r.popin.cc/s.gif?url=http%3A%2F%2Ffziccordim.cyou%2F&uid=&type=pc_channel_pv&nid=pc&media=news.cts.com.tw&r5=ch_standard_pc&t=1675771045229&tz=tw
IP 119.63.198.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /s.gif?url=http%3A%2F%2Ffziccordim.cyou%2F&uid=&type=pc_channel_pv&nid=pc&media=news.cts.com.tw&r5=ch_standard_pc&t=1675771045229&tz=tw HTTP/1.1
Host: r.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 11:56:36 GMT
Content-Type: image/gif
Content-Length: 35
Last-Modified: Thu, 16 Sep 2021 06:17:57 GMT
Connection: keep-alive
ETag: "6142e195-23"
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
r.popin.cc/log.gif?type=related-tw&uid=36ae1c651f96b49f8391675771043397&url=http%3A%2F%2Ffziccordim.cyou%2F&t=1675771045231
119.63.198.188200 OK 35 B URL HTTP/1.1 r.popin.cc/log.gif?type=related-tw&uid=36ae1c651f96b49f8391675771043397&url=http%3A%2F%2Ffziccordim.cyou%2F&t=1675771045231
IP 119.63.198.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /log.gif?type=related-tw&uid=36ae1c651f96b49f8391675771043397&url=http%3A%2F%2Ffziccordim.cyou%2F&t=1675771045231 HTTP/1.1
Host: r.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 11:56:36 GMT
Content-Type: image/gif
Content-Length: 35
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Connection: keep-alive
ETag: "5d67294a-23"
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
r.popin.cc/s.gif?url=http%3A%2F%2Ffziccordim.cyou%2F&uid=36ae1c651f96b49f8391675771043397&type=pc_pv&nid=pc&media=news.cts.com.tw&r5=cc_NONE&t=1675771045208&tz=tw
119.63.198.188200 OK 35 B URL HTTP/1.1 r.popin.cc/s.gif?url=http%3A%2F%2Ffziccordim.cyou%2F&uid=36ae1c651f96b49f8391675771043397&type=pc_pv&nid=pc&media=news.cts.com.tw&r5=cc_NONE&t=1675771045208&tz=tw
IP 119.63.198.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /s.gif?url=http%3A%2F%2Ffziccordim.cyou%2F&uid=36ae1c651f96b49f8391675771043397&type=pc_pv&nid=pc&media=news.cts.com.tw&r5=cc_NONE&t=1675771045208&tz=tw HTTP/1.1
Host: r.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 11:56:36 GMT
Content-Type: image/gif
Content-Length: 35
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Connection: keep-alive
ETag: "5d7754b9-23"
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 884dfe806cb7b7035654bcf78347fce9
77e0d408b9118fff306ee540390a5e6df7c384e0
9eb0b948dfe88898cc227473ace9431da4cd7480c2e36cbfe32f67a08c38953b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 06:19:39 GMT
Expires: Tue, 14 Feb 2023 06:19:38 GMT
Etag: "77e0d408b9118fff306ee540390a5e6df7c384e0"
Cache-Control: max-age=583981,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795bf176bd61b51d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f2959d9b9400a4644b875fe38dc42410
9d97b305dafb650dc275edcc898d5bd111316148
525ba52edb1671d4632fea8985ced29b62ad0a9e4cf5ff34d1d3b694c92f7a22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123400
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:36 GMT
Etag: "63e17b7c-117"
Expires: Wed, 08 Feb 2023 22:13:16 GMT
Last-Modified: Mon, 06 Feb 2023 22:13:16 GMT
Server: nginx
Content-Length: 279
cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=76358236.1675770994329&toast_push
103.243.202.190204 No Content 0 B URL HTTP/1.1 cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=76358236.1675770994329&toast_push
IP 103.243.202.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?cm_mid=1440080439&cm_muid=76358236.1675770994329&toast_push HTTP/1.1
Host: cm-exchange.toast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 07 Feb 2023 11:56:36 GMT
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
Set-Cookie: BID=5YGXC73PVVAV63D0457G7RCTA; Path=/; Domain=.toast.com; Expires=Sat, 01 Jan 2050 09:00:00 GMT; Secure; SameSite=None
txmed_1440080439=76358236.1675770994329_:_EXP_:_1691322996; Path=/; Domain=.toast.com; Max-Age=15552000; Expires=Sun, 6 Aug 2023 11:56:36 GMT; Secure; SameSite=None
txsync=1675770996; Path=/; Domain=.toast.com; Max-Age=15552000; Expires=Sun, 6 Aug 2023 11:56:36 GMT; Secure; SameSite=None
api.popin.tw/recommend_module/discovery.php?uuid=&r=&u=http://fziccordim.cyou/&m=news.cts.com.tw&t=1675771045843&d=%7B%22ad%22:%5B%22%E6%B3%95%E4%BB%A4%E7%B4%8B%E8%80%8110%E6%AD%B2%EF%BC%9F%E7%9D%A1%E5%89%8D%E9%BB%83%E9%87%918%E7%A7%92%E9%90%98%E4%BF%9D%E9%A4%8A%EF%BC%8C7%E5%A4%A9%E7%B7%8A%E7%B7%BB%E6%8B%89%E6%8F%90%EF%BC%81%22,%22%E5%BE%9E%E5%BB%A3%E5%B3%B6%E6%9C%89%E5%90%8D%E7%9A%84%E3%80%8C%E8%83%BD%E9%87%8F%E5%9C%B0%E9%BB%9E%E3%80%8D%E5%AE%AE%E5%B3%B6%E5%BD%8C%E5%B1%B1%E4%BA%AB%E5%8F%97%E5%86%AC%E5%AD%A3%E7%BE%8E%E6%99%AF%EF%BC%81%22,%2230%E5%A4%A9%E4%BA%AE%E7%99%BD%E8%A8%88%E7%95%AB%EF%BC%81%E6%93%BA%E8%84%AB%E3%80%8C%E9%BB%91%E8%82%89%E5%BA%95%E3%80%8D%E6%AF%8F%E5%A4%A98%E7%A7%92%E9%A4%8A%E6%88%90%E5%85%89%E6%BB%91%E5%AB%A9%E5%AC%B0%E8%82%8C%22,%22%E5%86%AC%E5%A4%A9%E7%9A%84%E5%BB%A3%E5%B3%B6%E4%B9%8B%E6%97%85%E5%B0%B1%E5%88%B0%E3%80%8C%E6%81%90%E7%BE%85%E6%BC%A2%E9%9B%AA%E4%B8%8A%E6%A8%82%E5%9C%92%E3%80%8D%E6%A8%82%E4%BA%AB%E5%86%AC%E5%AD%A3%E9%99%90%E5%AE%9A%E9%81%8B%E5%8B%95%EF%BC%81%E4%BA%BA%E6%B0%A3%E6%99%AF%E9%BB%9E%EF%BC%86%E5%BF%85%E5%90%83%EF%BC%86%E5%BF%85%E8%B2%B7%EF%BC%86%E4%BA%A4%E9%80%9A%E6%87%B6%E4%BA%BA%E5%8C%85%22%5D,%22hot%22:%5B%5D%7D
104.21.91.59200 OK 0 B URL HTTP/2 api.popin.tw/recommend_module/discovery.php?uuid=&r=&u=http://fziccordim.cyou/&m=news.cts.com.tw&t=1675771045843&d=%7B%22ad%22:%5B%22%E6%B3%95%E4%BB%A4%E7%B4%8B%E8%80%8110%E6%AD%B2%EF%BC%9F%E7%9D%A1%E5%89%8D%E9%BB%83%E9%87%918%E7%A7%92%E9%90%98%E4%BF%9D%E9%A4%8A%EF%BC%8C7%E5%A4%A9%E7%B7%8A%E7%B7%BB%E6%8B%89%E6%8F%90%EF%BC%81%22,%22%E5%BE%9E%E5%BB%A3%E5%B3%B6%E6%9C%89%E5%90%8D%E7%9A%84%E3%80%8C%E8%83%BD%E9%87%8F%E5%9C%B0%E9%BB%9E%E3%80%8D%E5%AE%AE%E5%B3%B6%E5%BD%8C%E5%B1%B1%E4%BA%AB%E5%8F%97%E5%86%AC%E5%AD%A3%E7%BE%8E%E6%99%AF%EF%BC%81%22,%2230%E5%A4%A9%E4%BA%AE%E7%99%BD%E8%A8%88%E7%95%AB%EF%BC%81%E6%93%BA%E8%84%AB%E3%80%8C%E9%BB%91%E8%82%89%E5%BA%95%E3%80%8D%E6%AF%8F%E5%A4%A98%E7%A7%92%E9%A4%8A%E6%88%90%E5%85%89%E6%BB%91%E5%AB%A9%E5%AC%B0%E8%82%8C%22,%22%E5%86%AC%E5%A4%A9%E7%9A%84%E5%BB%A3%E5%B3%B6%E4%B9%8B%E6%97%85%E5%B0%B1%E5%88%B0%E3%80%8C%E6%81%90%E7%BE%85%E6%BC%A2%E9%9B%AA%E4%B8%8A%E6%A8%82%E5%9C%92%E3%80%8D%E6%A8%82%E4%BA%AB%E5%86%AC%E5%AD%A3%E9%99%90%E5%AE%9A%E9%81%8B%E5%8B%95%EF%BC%81%E4%BA%BA%E6%B0%A3%E6%99%AF%E9%BB%9E%EF%BC%86%E5%BF%85%E5%90%83%EF%BC%86%E5%BF%85%E8%B2%B7%EF%BC%86%E4%BA%A4%E9%80%9A%E6%87%B6%E4%BA%BA%E5%8C%85%22%5D,%22hot%22:%5B%5D%7D
IP 104.21.91.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /recommend_module/discovery.php?uuid=&r=&u=http://fziccordim.cyou/&m=news.cts.com.tw&t=1675771045843&d=%7B%22ad%22:%5B%22%E6%B3%95%E4%BB%A4%E7%B4%8B%E8%80%8110%E6%AD%B2%EF%BC%9F%E7%9D%A1%E5%89%8D%E9%BB%83%E9%87%918%E7%A7%92%E9%90%98%E4%BF%9D%E9%A4%8A%EF%BC%8C7%E5%A4%A9%E7%B7%8A%E7%B7%BB%E6%8B%89%E6%8F%90%EF%BC%81%22,%22%E5%BE%9E%E5%BB%A3%E5%B3%B6%E6%9C%89%E5%90%8D%E7%9A%84%E3%80%8C%E8%83%BD%E9%87%8F%E5%9C%B0%E9%BB%9E%E3%80%8D%E5%AE%AE%E5%B3%B6%E5%BD%8C%E5%B1%B1%E4%BA%AB%E5%8F%97%E5%86%AC%E5%AD%A3%E7%BE%8E%E6%99%AF%EF%BC%81%22,%2230%E5%A4%A9%E4%BA%AE%E7%99%BD%E8%A8%88%E7%95%AB%EF%BC%81%E6%93%BA%E8%84%AB%E3%80%8C%E9%BB%91%E8%82%89%E5%BA%95%E3%80%8D%E6%AF%8F%E5%A4%A98%E7%A7%92%E9%A4%8A%E6%88%90%E5%85%89%E6%BB%91%E5%AB%A9%E5%AC%B0%E8%82%8C%22,%22%E5%86%AC%E5%A4%A9%E7%9A%84%E5%BB%A3%E5%B3%B6%E4%B9%8B%E6%97%85%E5%B0%B1%E5%88%B0%E3%80%8C%E6%81%90%E7%BE%85%E6%BC%A2%E9%9B%AA%E4%B8%8A%E6%A8%82%E5%9C%92%E3%80%8D%E6%A8%82%E4%BA%AB%E5%86%AC%E5%AD%A3%E9%99%90%E5%AE%9A%E9%81%8B%E5%8B%95%EF%BC%81%E4%BA%BA%E6%B0%A3%E6%99%AF%E9%BB%9E%EF%BC%86%E5%BF%85%E5%90%83%EF%BC%86%E5%BF%85%E8%B2%B7%EF%BC%86%E4%BA%A4%E9%80%9A%E6%87%B6%E4%BA%BA%E5%8C%85%22%5D,%22hot%22:%5B%5D%7D HTTP/1.1
Host: api.popin.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:56:36 GMT
content-type: application/json; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.2.34
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSwf%2FnYEpdgGhkhYNbSyDgcW5wbc7cd163Au5Ae4MfJCBCc6N6EwqFdyelw6wnm1AelJ2fZHvEkAkRsPcxSkRCs7Oo%2BPTglKAdx1WnXmcU14diDC3MytYP7gFnvFtdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795bf1770fc1b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjkxLjkwLjQyLjE1NCIsInRkX2Jyb3dzZXIiOiJGaXJlZm94IiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA1LjAuMCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJrZXkiOiJrZXkxNjc1NzcxMDQzMzk4Iiwibm93IjoxNjc1NzcxMDQ1MjA5LCJjbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInVpZCI6IjM2YWUxYzY1MWY5NmI0OWY4MzkxNjc1NzcxMDQzMzk3Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJkaXNoX2NhdGVnb3J5IjoiIiwiZGlzaF9kb21haW4iOiJmemljY29yZGltLmN5b3UiLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJsb2dpZCI6IjA4Y2U2ZjBmLTliYTktNGNjYy1hNDM5LTEzYTkxNjFhN2NlMSIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkb21haW4iOiJmemljY29yZGltLmN5b3UiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
119.63.197.136200 OK 0 B URL HTTP/1.1 inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjkxLjkwLjQyLjE1NCIsInRkX2Jyb3dzZXIiOiJGaXJlZm94IiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA1LjAuMCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJrZXkiOiJrZXkxNjc1NzcxMDQzMzk4Iiwibm93IjoxNjc1NzcxMDQ1MjA5LCJjbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInVpZCI6IjM2YWUxYzY1MWY5NmI0OWY4MzkxNjc1NzcxMDQzMzk3Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJkaXNoX2NhdGVnb3J5IjoiIiwiZGlzaF9kb21haW4iOiJmemljY29yZGltLmN5b3UiLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJsb2dpZCI6IjA4Y2U2ZjBmLTliYTktNGNjYy1hNDM5LTEzYTkxNjFhN2NlMSIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkb21haW4iOiJmemljY29yZGltLmN5b3UiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
IP 119.63.197.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxMjgweDEwMjQiLCJ0ZF92aWV3cG9ydCI6IjEyODB4OTM5IiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImZ6aWNjb3JkaW0uY3lvdSIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjkxLjkwLjQyLjE1NCIsInRkX2Jyb3dzZXIiOiJGaXJlZm94IiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA1LjAuMCIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJrZXkiOiJrZXkxNjc1NzcxMDQzMzk4Iiwibm93IjoxNjc1NzcxMDQ1MjA5LCJjbGllbnRfaWQiOiIzN2JkZWZiNS0wY2IwLTRhYjEtYmFmZC0wYzU5NzJiYTEyYjgiLCJ1cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInVpZCI6IjM2YWUxYzY1MWY5NmI0OWY4MzkxNjc1NzcxMDQzMzk3Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJuZXdzLmN0cy5jb20udHciLCJkaXNoX2NhdGVnb3J5IjoiIiwiZGlzaF9kb21haW4iOiJmemljY29yZGltLmN5b3UiLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJsb2dpZCI6IjA4Y2U2ZjBmLTliYTktNGNjYy1hNDM5LTEzYTkxNjFhN2NlMSIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkb21haW4iOiJmemljY29yZGltLmN5b3UiLCJwb3Bpbl92ZXJzaW9uIjo2fQ== HTTP/1.1
Host: inrecsys.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Cookie: uid=36ae1c651f96b49f8391675771043397
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain
Cross-Origin-Resource-Policy: cross-origin
r-log.dable.io/s/cts.com.tw%2Fpal-mate/u/76358236.1675770994329/view?url=http%3A%2F%2Ffziccordim.cyou%2F&ref=&lang=en-US&items%5B0%5D%5Bid%5D=202209232092933&items%5B0%5D%5Bc1%5D=%E8%B2%A1%E7%B6%93&items%5B0%5D%5Blink%5D=https%3A%2F%2Fnews.cts.com.tw%2Fcts%2Fmoney%2F202209%2F202209232092933.html&cid=76358236.1675770994329&gdpr=0&z=811417&callback=dbljson2
3.35.198.121200 OK 54 B URL HTTP/2 r-log.dable.io/s/cts.com.tw%2Fpal-mate/u/76358236.1675770994329/view?url=http%3A%2F%2Ffziccordim.cyou%2F&ref=&lang=en-US&items%5B0%5D%5Bid%5D=202209232092933&items%5B0%5D%5Bc1%5D=%E8%B2%A1%E7%B6%93&items%5B0%5D%5Blink%5D=https%3A%2F%2Fnews.cts.com.tw%2Fcts%2Fmoney%2F202209%2F202209232092933.html&cid=76358236.1675770994329&gdpr=0&z=811417&callback=dbljson2
IP 3.35.198.121:0
File type ASCII text, with no line terminators
Hash 2627026715c59e11d3fe0be4ff344ffa
218a4b96d5d3ebdc688cb04a2495ae1514ccc5a7
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
GET /s/cts.com.tw%2Fpal-mate/u/76358236.1675770994329/view?url=http%3A%2F%2Ffziccordim.cyou%2F&ref=&lang=en-US&items%5B0%5D%5Bid%5D=202209232092933&items%5B0%5D%5Bc1%5D=%E8%B2%A1%E7%B6%93&items%5B0%5D%5Blink%5D=https%3A%2F%2Fnews.cts.com.tw%2Fcts%2Fmoney%2F202209%2F202209232092933.html&cid=76358236.1675770994329&gdpr=0&z=811417&callback=dbljson2 HTTP/1.1
Host: r-log.dable.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Cookie: uid=76358236.1675770994329; _skp=1; _gg_ck_match=1; _nas_ck_match=1; _nh_ck_match=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:56:36 GMT
content-type: text/javascript; charset=utf-8
content-length: 54
server: nginx/1.20.0
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a4a1f17a9b684a7f739a3b7b7cb70f1e
b4d52df2de1918c022bd7ae374fab1dab211424f
79265ceffb00c6f5a56106d98142fd9a4db3f192e69e4756f18785e7a0c4d51e
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5526
Cache-Control: max-age=135737
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:36 GMT
Etag: "63e19617-1d7"
Expires: Thu, 09 Feb 2023 01:38:53 GMT
Last-Modified: Tue, 07 Feb 2023 00:06:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eacdb128cb4c4270c389816f33b2bb15
97bdbd4416cf816e822421ea576175b7aeb2f7cf
436d88e47be153d724949abb1aeea7ec7f3880f703fc5c67c516f9fd7b51bb71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
142.250.74.66200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
IP 142.250.74.66:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=dable&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Tue, 07 Feb 2023 11:56:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=fziccordim.cyou&callback=_gfp_s_&client=ca-pub-7608737321945861
216.58.207.226200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=fziccordim.cyou&callback=_gfp_s_&client=ca-pub-7608737321945861
IP 216.58.207.226:0
File type ASCII text, with very long lines (397), with no line terminators
Hash 97a0d4d0873a27efa76ed219d4e5bf1e
78b9c4bac65fa40433caf25e2a8340b283c522dc
b402c6ff4f4c8a2ca55f2b1662c6b73280122172d42bae98b9d96a638c8d5f9f
GET /gampad/cookie.js?domain=fziccordim.cyou&callback=_gfp_s_&client=ca-pub-7608737321945861 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 07 Feb 2023 11:56:37 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eacdb128cb4c4270c389816f33b2bb15
97bdbd4416cf816e822421ea576175b7aeb2f7cf
436d88e47be153d724949abb1aeea7ec7f3880f703fc5c67c516f9fd7b51bb71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb.scorecardresearch.com/b?c1=2&c2=37296060&cs_it=b2&cv=3.8.0.210223&ns__t=1675771046519&ns_c=UTF-8&c7=http%3A%2F%2Ffziccordim.cyou%2F&c8=fziccordim.cyou&c9=
54.230.111.125204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=37296060&cs_it=b2&cv=3.8.0.210223&ns__t=1675771046519&ns_c=UTF-8&c7=http%3A%2F%2Ffziccordim.cyou%2F&c8=fziccordim.cyou&c9=
IP 54.230.111.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=37296060&cs_it=b2&cv=3.8.0.210223&ns__t=1675771046519&ns_c=UTF-8&c7=http%3A%2F%2Ffziccordim.cyou%2F&c8=fziccordim.cyou&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 07 Feb 2023 11:56:37 GMT
set-cookie: UID=1F43b833bda8564285221301675770997; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JbkvZnTm-hyKI-LY2HZs28y9-o22LVBgscHljcek1XU0_iZi0ZZfFQ==
X-Firefox-Spdy: h2
tw.popin.cc/popin_discovery/recommend?mode=new&url=http%3A%2F%2Ffziccordim.cyou%2F&&device=pc&media=news.cts.com.tw&extra=windows&agency=ftk&topn=50&ad=12&r_category=all&country=tw&redirect=true&uid=36ae1c651f96b49f8391675771043397&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkZpcmVmb3giLCJ1c2VyX3RkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ1c2VyX3RkX3NjcmVlbiI6IjEyODB4MTAyNCIsInVzZXJfdGRfdmlld3BvcnQiOiIxMjgweDkzOSIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiZnppY2NvcmRpbS5jeW91IiwidXNlcl90ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJmemljY29yZGltLmN5b3UiLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjc1NzcxMDQzMzk4LCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&callback=_p6_986915c6d54b
119.63.198.189200 OK 18 kB URL HTTP/2 tw.popin.cc/popin_discovery/recommend?mode=new&url=http%3A%2F%2Ffziccordim.cyou%2F&&device=pc&media=news.cts.com.tw&extra=windows&agency=ftk&topn=50&ad=12&r_category=all&country=tw&redirect=true&uid=36ae1c651f96b49f8391675771043397&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkZpcmVmb3giLCJ1c2VyX3RkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ1c2VyX3RkX3NjcmVlbiI6IjEyODB4MTAyNCIsInVzZXJfdGRfdmlld3BvcnQiOiIxMjgweDkzOSIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiZnppY2NvcmRpbS5jeW91IiwidXNlcl90ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJmemljY29yZGltLmN5b3UiLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjc1NzcxMDQzMzk4LCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&callback=_p6_986915c6d54b
IP 119.63.198.189:0
Hash 8fa5f5cad56d84d23b2cc36dcf24e214
d8ca008b98e0fc4f072c0f63bdc886bbb2479140
fc3ffa34a4b8fe95f5c0b84e72f578f11d49f975a2ffa2b7a4c6c21065cd096f
GET /popin_discovery/recommend?mode=new&url=http%3A%2F%2Ffziccordim.cyou%2F&&device=pc&media=news.cts.com.tw&extra=windows&agency=ftk&topn=50&ad=12&r_category=all&country=tw&redirect=true&uid=36ae1c651f96b49f8391675771043397&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkZpcmVmb3giLCJ1c2VyX3RkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNS4wLjAiLCJ1c2VyX3RkX3NjcmVlbiI6IjEyODB4MTAyNCIsInVzZXJfdGRfdmlld3BvcnQiOiIxMjgweDkzOSIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEwNS4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEwNS4wIiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiZnppY2NvcmRpbS5jeW91IiwidXNlcl90ZF91cmwiOiJodHRwOi8vZnppY2NvcmRpbS5jeW91LyIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJmemljY29yZGltLmN5b3UiLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjc1NzcxMDQzMzk4LCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&callback=_p6_986915c6d54b HTTP/1.1
Host: tw.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.13.5
date: Tue, 07 Feb 2023 11:56:35 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
set-cookie: uid=36ae1c651f96b49f8391675771043397; Domain=popin.cc; Path=/; Max-Age=31536000; SameSite=None; Secure
cross-origin-resource-policy: cross-origin
content-encoding: gzip
X-Firefox-Spdy: h2
www.cts.com.tw/images/2018cts/search-icon2.svg
54.230.111.9200 OK 698 B URL HTTP/2 www.cts.com.tw/images/2018cts/search-icon2.svg
IP 54.230.111.9:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 86ca4c97cc8f9d64ce470850b5257509
7db454a0473ee1dbd3622d479761931957fb3d02
cdaf4758f7cb1c26731bd50505961979100f498d4d324cd14a609eeb658813a1
GET /images/2018cts/search-icon2.svg HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cts.com.tw/css/cts2018.css?v=85
Cookie: AWSALBCORS=EcdYDuTso/W1ppUROwqC7olOOLP037sQS35sDfJhbfxT5fETMzDJgAUHn8+xePdDLpjHJsc7FThjmpfCBnvFhWKaQ1QrhVjtd0HL8YA4saEZk9VQKe40+wgZD2BU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 698
date: Fri, 03 Feb 2023 22:10:39 GMT
accept-ranges: bytes
etag: "3664376552"
last-modified: Tue, 12 Feb 2019 07:39:25 GMT
expires: Fri, 10 Feb 2023 22:10:39 GMT
cache-control: max-age=604800
server: lighttpd/1.4.53
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tjcq3ZBaYIXwQJN0HmuvnDv4QR2bWnKb7xHmy93kA4ymQN8xM-1DhA==
age: 308757
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
File type ASCII text, with very long lines (3504)
Hash 40b8ffdc606e81703c5f6a39df96f373
0a39b905fe6b8f947d256b01614abcdd27baef65
93cfc3bdb53008e8640dee5f3e7515b10a9b2959e69d8f2919f3d243cf547f36
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49146
date: Tue, 07 Feb 2023 11:56:37 GMT
expires: Tue, 07 Feb 2023 11:56:37 GMT
cache-control: private, max-age=3000
etag: "1675254965429469"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
clients1.google.com/generate_204
142.250.74.110204 No Content 0 B URL HTTP/1.1 clients1.google.com/generate_204
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204 HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 204 No Content
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 07 Feb 2023 11:56:37 GMT
analytics.ad.daum.net/match?d=111&uid=76358236.1675770994329
121.53.104.194307 Temporary Redirect 0 B URL HTTP/2 analytics.ad.daum.net/match?d=111&uid=76358236.1675770994329
IP 121.53.104.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?d=111&uid=76358236.1675770994329 HTTP/1.1
Host: analytics.ad.daum.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Tue, 07 Feb 2023 11:56:37 GMT
content-length: 0
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230207%22,%22u%22:%2276358236.1675770994329%22%7D%7D
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
set-cookie: DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220230207%22%2C%22u%22%3A%2276358236.1675770994329%22%7D%7D; Path=/; Domain=.ad.daum.net; Max-Age=7776000; Expires=Mon, 08 May 2023 11:56:37 GMT; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
a71a0bb0ce0a1f3f8805c06a53c3e9db4.profile.nrt12-c4.cloudfront.net/test.png
13.225.166.20200 OK 58 B URL HTTP/1.1 a71a0bb0ce0a1f3f8805c06a53c3e9db4.profile.nrt12-c4.cloudfront.net/test.png
IP 13.225.166.20:0
File type ASCII text, with no line terminators
Hash b1935f865a4eade8564b6ef4b022f27f
f42746792e52473c4d9e152aceb7080550d3c1e5
21c52b1622a4539bf82dbc7fd4a2638cdde3b8151697eb5c4d3dbb426576fbaa
GET /test.png HTTP/1.1
Host: a71a0bb0ce0a1f3f8805c06a53c3e9db4.profile.nrt12-c4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fziccordim.cyou/
Connection: keep-alive
HTTP/1.1 200 OK
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:37 GMT
Content-Type: text/plain
Content-Length: 58
Connection: keep-alive
Expires: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: max-age=0
X-Amz-Cf-Id: kV3tiwXk4WoSzHbj4T1hNCyKnQTZ4DTkSD1_UpA9r8Q1c2pjIbWiqw==
X-Cache: RoutingProfileExp from cloudfront
Via: 1.1 51840d06a8ec9d04d9a07458d05eb7ce.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
cse.google.com/adsense/search/async-ads.js
172.217.21.174200 OK 52 kB URL HTTP/1.1 cse.google.com/adsense/search/async-ads.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1745)
Hash d7abaa8a8335aa711996e49be622f0ae
fb2bee4b0867e84c52ef7d073ead2265219e39e1
97fe6edf7b2aa37553faf55a3c18d82310d2a6e329a5fe58f7bd00d2b9519aa3
GET /adsense/search/async-ads.js HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Tue, 07 Feb 2023 11:56:37 GMT
Expires: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: private, max-age=3600
ETag: "16345307704952310926"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
www.facebook.com/tr/?id=2481485378552981&ev=PageView&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046791&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675771046790.910732207&it=1675771045178&coo=false&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2481485378552981&ev=PageView&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046791&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675771046790.910732207&it=1675771045178&coo=false&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2481485378552981&ev=PageView&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046791&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675771046790.910732207&it=1675771045178&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 07 Feb 2023 11:56:37 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=496968817147210&ev=fb_page_view&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046805&sw=1280&sh=1024&at=
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=496968817147210&ev=fb_page_view&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046805&sw=1280&sh=1024&at=
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=496968817147210&ev=fb_page_view&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046805&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 07 Feb 2023 11:56:37 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=496968817147210&ev=fb_page_view&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046802&sw=1280&sh=1024&at=
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=496968817147210&ev=fb_page_view&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046802&sw=1280&sh=1024&at=
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=496968817147210&ev=fb_page_view&dl=http%3A%2F%2Ffziccordim.cyou%2F&rl=&if=false&ts=1675771046802&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 07 Feb 2023 11:56:37 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash afe7db92a730b1a76bed3113f60da924
531e2ba6a5907332e9e77fdcc2d88da9adb5f703
04534a7ebb8a6583102a0a532496c38d09b744572f1d01a5da952ff4a2b9825f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 06d815015d1af41f6e0d7a30bd4316f6
fc01700c9dacd02e0ab5b0777994db6000b7555e
4d1db7ce3893d208f0361410103a66e51948c74a1dd9c5c0a4b54d26e1314063
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3815
Cache-Control: max-age=172199
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:37 GMT
Etag: "63e22b35-1d7"
Expires: Thu, 09 Feb 2023 11:46:36 GMT
Last-Modified: Tue, 07 Feb 2023 10:43:01 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6251475-1&cid=368411405.1675771043&jid=857290554&gjid=775314956&_gid=428017947.1675771047&_u=YADAAEAAQAAAACAAI~&z=1641018743
64.233.162.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6251475-1&cid=368411405.1675771043&jid=857290554&gjid=775314956&_gid=428017947.1675771047&_u=YADAAEAAQAAAACAAI~&z=1641018743
IP 64.233.162.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6251475-1&cid=368411405.1675771043&jid=857290554&gjid=775314956&_gid=428017947.1675771047&_u=YADAAEAAQAAAACAAI~&z=1641018743 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://fziccordim.cyou
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://fziccordim.cyou
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 07 Feb 2023 11:56:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash afe7db92a730b1a76bed3113f60da924
531e2ba6a5907332e9e77fdcc2d88da9adb5f703
04534a7ebb8a6583102a0a532496c38d09b744572f1d01a5da952ff4a2b9825f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6251475-1&cid=368411405.1675771043&jid=857290554&_u=YADAAEAAQAAAACAAI~&z=748988325
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6251475-1&cid=368411405.1675771043&jid=857290554&_u=YADAAEAAQAAAACAAI~&z=748988325
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6251475-1&cid=368411405.1675771043&jid=857290554&_u=YADAAEAAQAAAACAAI~&z=748988325 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 11:56:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230207%22,%22u%22:%2276358236.1675770994329%22%7D%7D
121.53.104.194200 OK 0 B URL HTTP/2 act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230207%22,%22u%22:%2276358236.1675770994329%22%7D%7D
IP 121.53.104.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220230207%22,%22u%22:%2276358236.1675770994329%22%7D%7D HTTP/1.1
Host: act.ds.kakao.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:56:37 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
set-cookie: DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220230207%22%2C%22u%22%3A%2276358236.1675770994329%22%7D%7D; Path=/; Domain=.ds.kakao.com; Max-Age=7776000; Expires=Mon, 08 May 2023 11:56:37 GMT; Secure; SameSite=None
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 59c48b57b813f0cfe72b4d482192171f
ff75f06954b9e05c85f7f733f112f556f66ff4a6
245406b65009984ff3278f2d289fc74be76cdedb0a2afc3af5c43f76199887a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 07 Feb 2023 01:06:14 GMT
Expires: Tue, 14 Feb 2023 01:06:13 GMT
Etag: "ff75f06954b9e05c85f7f733f112f556f66ff4a6"
Cache-Control: max-age=565174,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795bf17faba3b51d-OSL
idsync.admixer.co.kr/idsync?pid=120&uid=76358236.1675770994329
183.110.238.136200 OK 43 B URL HTTP/1.1 idsync.admixer.co.kr/idsync?pid=120&uid=76358236.1675770994329
IP 183.110.238.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /idsync?pid=120&uid=76358236.1675770994329 HTTP/1.1
Host: idsync.admixer.co.kr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache, no-store
Expires: Mon, 01 Jan 2000 00:00:00 +0900
Date: Tue, 07-Feb-2023 20:56:37 +0900
Content-Length: 43
Content-Type: image/gif;
Set-Cookie: __auid=34d6e98580cb82bdf2fd5bf7d94ec1c8; domain=admixer.co.kr; expires=Thu, 06-Feb-2025 20:56:37 +0900; SameSite=None; Secure
__puid_120=76358236.1675770994329; domain=admixer.co.kr; expires=Thu, 06-Feb-2025 20:56:37 +0900; SameSite=None; Secure
__id_utm=20230207; domain=admixer.co.kr; expires=Thu, 06-Feb-2025 20:56:37 +0900; SameSite=None; Secure
__id_inf_120=0_76358236.1675770994329; domain=admixer.co.kr; expires=Thu, 06-Feb-2025 20:56:37 +0900; SameSite=None; Secure
img.scupio.com/html/ad.html?v=1.0.65
54.230.111.94200 OK 56 kB URL HTTP/2 img.scupio.com/html/ad.html?v=1.0.65
IP 54.230.111.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13977)
Hash 3d0c5cfe07af5f4eddf32c94d00fb768
b7780e6719c18167cf813cc517b4e3f2375957cb
9adb06dc22c8459e77f819930de3644220ea1463a05a5f19b2a67b339eb1a2a9
GET /html/ad.html?v=1.0.65 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Thu, 18 Aug 2022 08:25:22 GMT
content-encoding: gzip
date: Tue, 07 Feb 2023 11:19:02 GMT
expires: Thu, 09 Mar 2023 11:17:23 GMT
cache-control: max-age=2592000
etag: W/"62fdf772-14d93"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0mZoWi6gSkxhzuletDcE5XSbKzSCCJrrNp0AorzIVWPqlHdfbStpVw==
age: 2355
vary: Origin
X-Firefox-Spdy: h2
img.scupio.com/js/prebid.js?v=5.20.0
54.230.111.94200 OK 96 kB URL HTTP/2 img.scupio.com/js/prebid.js?v=5.20.0
IP 54.230.111.94:0
Hash 673afc439707744c2b94f9282413ba50
f32c4ee728c29567590a0530efe253e9fb3cf031
ebfcc88f8ec8548953392ab485bc2d9b212b6ee64efab11d10c7ea0bec079660
GET /js/prebid.js?v=5.20.0 HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.12.1
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
content-encoding: gzip
date: Tue, 07 Feb 2023 11:52:58 GMT
expires: Thu, 09 Mar 2023 11:52:40 GMT
cache-control: max-age=2592000
etag: W/"62ba97a3-3b047"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8voQs3sJT1ElkU_eXWE38ID7YGDU8zBKlFPCQEyxnet8YIKGXAPklQ==
age: 238
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f48592c9ce931276d6e5e6e7e342cc3
55bfae3bef5fb97c8262eb622a54a0f603d41ec9
36472b536e89d8c01926bcdb2e23240f69f0bd7cde3b39a53a75b0a804291fd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cts.com.tw/js/scupioRWD_20211028001.js
54.230.111.9200 OK 6.9 kB URL HTTP/2 www.cts.com.tw/js/scupioRWD_20211028001.js
IP 54.230.111.9:0
File type ASCII text, with very long lines (1321), with CRLF, LF line terminators
Hash 39f21a6e3d4b871cc1b6c17834a14dce
b0b62e995ed535a5039b847c53b5e969db6317ce
2564a112038f8179eeb0c99372a2d031950ec74ecde62ac13182899cfee41bd3
GET /js/scupioRWD_20211028001.js HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Cookie: AWSALBCORS=EcdYDuTso/W1ppUROwqC7olOOLP037sQS35sDfJhbfxT5fETMzDJgAUHn8+xePdDLpjHJsc7FThjmpfCBnvFhWKaQ1QrhVjtd0HL8YA4saEZk9VQKe40+wgZD2BU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 07 Feb 2023 11:56:37 GMT
etag: W/"1352752300"
last-modified: Thu, 28 Oct 2021 08:35:20 GMT
expires: Tue, 07 Feb 2023 12:56:37 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WcYAwQu_hGQaS4ToV3h32WbkLWs56NOcYIEuALLIXrIPk1fCAMSFtA==
X-Firefox-Spdy: h2
img.scupio.com/js/ad.js
54.230.111.94200 OK 29 kB IP 54.230.111.94:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 558df640ea0294971d6a832729f8c017
cd317ad22c8fbe90b3f641f85e458e25fae40775
6bf13b1f524f7448c59f985eed3688a9f3443f32aa32e32876048a42c9cab428
GET /js/ad.js HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 19 Sep 2022 02:16:55 GMT
content-encoding: gzip
date: Tue, 07 Feb 2023 11:52:56 GMT
expires: Tue, 07 Feb 2023 12:07:35 GMT
cache-control: max-age=900
etag: W/"6327d117-12f95"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: taAXRN8ABUM_P6Sq_8q7PeVby0D13oTG6s1Ct1iLbE2RKBpiOAynjw==
age: 242
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
img.scupio.com/js/config/currency.json
54.230.111.94200 OK 108 B URL HTTP/2 img.scupio.com/js/config/currency.json
IP 54.230.111.94:0
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash a4ee96b16d5d0e80f28645f626f246e9
887819bd88b26fe100a3954abd5fa5dd75c9e6fc
7a947015556d173e1fa7ddea0d3f1cee73562d5f87d2272a065cf4e80dd04bd2
GET /js/config/currency.json HTTP/1.1
Host: img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Connection: keep-alive
Referer: https://img.scupio.com/html/ad.html?v=1.0.65
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 108
server: nginx/1.12.1
last-modified: Mon, 06 Feb 2023 19:15:04 GMT
accept-ranges: bytes
date: Tue, 07 Feb 2023 11:56:38 GMT
expires: Tue, 07 Feb 2023 14:56:15 GMT
cache-control: max-age=10800
etag: "63e151b8-6c"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kYlhKqMuflKZlzZ1u_Epwqk4VJKpnbD-axdZfesDZoQGYS-hAL9tfQ==
age: 23
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a9a83b26833b385aa7cbe1172fc246
c550b3f62c9b83136a19abca52bdcc7930162679
c03969075e7bdd7d2b2d2105c489fe686950d9f1f2abf6f390e91a9fee9c4d28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C03969075E7BDD7D2B2D2105C489FE686950D9F1F2ABF6F390E91A9FEE9C4D28"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4415
Expires: Tue, 07 Feb 2023 13:10:14 GMT
Date: Tue, 07 Feb 2023 11:56:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3b643538a5ffef8b92daec722cd042c0
d416e3a25a9f651d00dbce0768cbdc0f24532cd7
6804376276640b4c372f5a01dd4b5b2dff44edb49369f88da7fa23d8f4e1afed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5788
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:39 GMT
Last-Modified: Tue, 07 Feb 2023 10:20:11 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a20fd48edb3d19d94297099ec240a371
46e9252c9285e12d1132d598e0c43b3d5b7d8903
a628727a2d05c1e72c5a258b9e87b14aa3bda9ce847a27658c793297c325621a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5735
Cache-Control: max-age=139550
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:39 GMT
Etag: "63e1a42f-1d7"
Expires: Thu, 09 Feb 2023 02:42:29 GMT
Last-Modified: Tue, 07 Feb 2023 01:06:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a20fd48edb3d19d94297099ec240a371
46e9252c9285e12d1132d598e0c43b3d5b7d8903
a628727a2d05c1e72c5a258b9e87b14aa3bda9ce847a27658c793297c325621a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: max-age=139569
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:39 GMT
Etag: "63e1a42f-1d7"
Expires: Thu, 09 Feb 2023 02:42:48 GMT
Last-Modified: Tue, 07 Feb 2023 01:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=70829152394
178.250.1.8204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=70829152394
IP 178.250.1.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.21.0-pre&cb=70829152394 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 501
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 07 Feb 2023 11:56:38 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://img.scupio.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=198452&zone_id=975162&size_id=15&rp_schain=1.0,1!scupio.com,1007,1,,,&rf=http%3A%2F%2Ffziccordim.cyou%2F&tk_flint=pbjs_lite_v6.21.0-pre&x_source.tid=89effadf-f9f1-4d35-88c6-5a98c13d2d68&l_pb_bid_id=12443d327ba3aaa8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10706305643476044
213.19.162.51200 OK 283 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=198452&zone_id=975162&size_id=15&rp_schain=1.0,1!scupio.com,1007,1,,,&rf=http%3A%2F%2Ffziccordim.cyou%2F&tk_flint=pbjs_lite_v6.21.0-pre&x_source.tid=89effadf-f9f1-4d35-88c6-5a98c13d2d68&l_pb_bid_id=12443d327ba3aaa8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10706305643476044
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 44340d312581414ddcddfb35e45ae917
bebc4f354ff0fba4bfa97e0288a0010b64106bf5
d1f8e6979d4aabf9651bbc4537bba8610cf5e6b87ed7b3e4e4f90bbde49dcc84
GET /a/api/fastlane.json?account_id=17388&site_id=198452&zone_id=975162&size_id=15&rp_schain=1.0,1!scupio.com,1007,1,,,&rf=http%3A%2F%2Ffziccordim.cyou%2F&tk_flint=pbjs_lite_v6.21.0-pre&x_source.tid=89effadf-f9f1-4d35-88c6-5a98c13d2d68&l_pb_bid_id=12443d327ba3aaa8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10706305643476044 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Tue, 07 Feb 2023 11:56:39 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://img.scupio.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDU6SAB2-1Q-F1YY; Domain=.rubiconproject.com; Path=/; Expires=Wed, 07-Feb-2024 11:56:39 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoTnzMFxAI6nO9DtVM30fCgtEPhnawWgWbPrTjpgsOmGNiUhm5SQjoGnPbhlxCosCsx+FptCLf6Sh53tqeWbtpE; Domain=.rubiconproject.com; Path=/; Expires=Wed, 07-Feb-2024 11:56:39 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 283
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08a4dc42d2e08b2b18c9545ce9a2fdb
b688557ebba4b3c987275761e9a1f5993ad3d8a5
641402fb9282208b33877e4812cb9392b035dba85fcb3a344a2a1072d5a69f28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11630
x-amzn-requestid: 3912e3f9-44a5-405c-9edb-d8409faa0b04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkUHUoIAMFzcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022e8-03e547e96b085d9e29a1852b;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vrf1axqufJTrf057F6nY_97NtiM_Wt0tZXpTGN42rvAOV7a4CPe1ig==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 05:04:30 GMT
age: 24729
etag: "b688557ebba4b3c987275761e9a1f5993ad3d8a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=198452&zone_id=975162&size_id=15&rp_schain=1.0,1!scupio.com,1007,1,,,&rf=http%3A%2F%2Ffziccordim.cyou%2F&tk_flint=pbjs_lite_v6.21.0-pre&x_source.tid=3e55bd10-d76f-483b-a49b-42aeaa58bd13&l_pb_bid_id=11cff27b088513d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8899607394432261
213.19.162.51200 OK 283 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=198452&zone_id=975162&size_id=15&rp_schain=1.0,1!scupio.com,1007,1,,,&rf=http%3A%2F%2Ffziccordim.cyou%2F&tk_flint=pbjs_lite_v6.21.0-pre&x_source.tid=3e55bd10-d76f-483b-a49b-42aeaa58bd13&l_pb_bid_id=11cff27b088513d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8899607394432261
IP 213.19.162.51:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f581cbc00ef9867cdec09df1d5c87aaa
bd133884d55467edc4c663dcf8a5bb614fa96ca3
374eda8bd6531305f3f28960bb154075a8af8e3790cec0d8d622b6dc24ce3bf1
GET /a/api/fastlane.json?account_id=17388&site_id=198452&zone_id=975162&size_id=15&rp_schain=1.0,1!scupio.com,1007,1,,,&rf=http%3A%2F%2Ffziccordim.cyou%2F&tk_flint=pbjs_lite_v6.21.0-pre&x_source.tid=3e55bd10-d76f-483b-a49b-42aeaa58bd13&l_pb_bid_id=11cff27b088513d&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8899607394432261 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Tue, 07 Feb 2023 11:56:39 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://img.scupio.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDU6SAB5-1I-CR7G; Domain=.rubiconproject.com; Path=/; Expires=Wed, 07-Feb-2024 11:56:39 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrbqSKzj1Jlhu9DtVM30fCgtEPhnawWgWbPrTjpgsOmGNiUhm5SQjoGnPbhlxCosCsx+FptCLf6Sh53tqeWbtpE; Domain=.rubiconproject.com; Path=/; Expires=Wed, 07-Feb-2024 11:56:39 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 283
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ca593296c3354207065369a4a764c8f9
a3e746fe25e5fb4e8a7b0a8da0d383e506ddf17e
0cb5ab2af111cf4b9c04300630c8b382ebd6685df5f166307061d8f9d5a11f10
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 21:45:00 GMT
Expires: Mon, 13 Feb 2023 21:44:59 GMT
Etag: "a3e746fe25e5fb4e8a7b0a8da0d383e506ddf17e"
Cache-Control: max-age=553099,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795bf188e9f8b51d-OSL
ad2.apx.appier.net/v1/prebid/bid
34.96.119.68307 Temporary Redirect 0 B URL HTTP/2 ad2.apx.appier.net/v1/prebid/bid
IP 34.96.119.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/prebid/bid HTTP/1.1
Host: ad2.apx.appier.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1178
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Tue, 07 Feb 2023 11:56:39 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://img.scupio.com
cache-control: no-store
location: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a9a83b26833b385aa7cbe1172fc246
c550b3f62c9b83136a19abca52bdcc7930162679
c03969075e7bdd7d2b2d2105c489fe686950d9f1f2abf6f390e91a9fee9c4d28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C03969075E7BDD7D2B2D2105C489FE686950D9F1F2ABF6F390E91A9FEE9C4D28"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4415
Expires: Tue, 07 Feb 2023 13:10:14 GMT
Date: Tue, 07 Feb 2023 11:56:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6c0c4632703a750038fbcc3c968cf80
172bbf6a4ff56d8d3aa0ea760fc97b54a4d2a4c0
ec16f2b55917b410ee014a1c8b4aae0e102d7eab7c30c54fef5a6de2bb346814
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5275
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 11:56:39 GMT
Etag: "63e1b3ae-1d7"
Last-Modified: Tue, 07 Feb 2023 10:28:44 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ca593296c3354207065369a4a764c8f9
a3e746fe25e5fb4e8a7b0a8da0d383e506ddf17e
0cb5ab2af111cf4b9c04300630c8b382ebd6685df5f166307061d8f9d5a11f10
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 11:56:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 21:45:00 GMT
Expires: Mon, 13 Feb 2023 21:44:59 GMT
Etag: "a3e746fe25e5fb4e8a7b0a8da0d383e506ddf17e"
Cache-Control: max-age=553099,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795bf188f8600b31-OSL
hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A224E4B7322E29803DA4389623ADA2&tdid=&schain=1.0%2C1!scupio.com%2C1007%2C1%2C%2C%2C&eids=&u=http%3A%2F%2Ffziccordim.cyou%2F&host=fziccordim.cyou&xr=0&w=300&h=250
162.210.196.208204 No Content 0 B URL HTTP/1.1 hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A224E4B7322E29803DA4389623ADA2&tdid=&schain=1.0%2C1!scupio.com%2C1007%2C1%2C%2C%2C&eids=&u=http%3A%2F%2Ffziccordim.cyou%2F&host=fziccordim.cyou&xr=0&w=300&h=250
IP 162.210.196.208:0
ASN #30633 LEASEWEB-USA-WDC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A224E4B7322E29803DA4389623ADA2&tdid=&schain=1.0%2C1!scupio.com%2C1007%2C1%2C%2C%2C&eids=&u=http%3A%2F%2Ffziccordim.cyou%2F&host=fziccordim.cyou&xr=0&w=300&h=250 HTTP/1.1
Host: hb.aralego.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Tue, 07 Feb 2023 11:56:38 GMT
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
connection: close
hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A224E4B7322E29803DA4389623ADA2&tdid=&schain=1.0%2C1!scupio.com%2C1007%2C1%2C%2C%2C&eids=&u=http%3A%2F%2Ffziccordim.cyou%2F&host=fziccordim.cyou&xr=0&w=300&h=250
162.210.196.208204 No Content 0 B URL HTTP/1.1 hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A224E4B7322E29803DA4389623ADA2&tdid=&schain=1.0%2C1!scupio.com%2C1007%2C1%2C%2C%2C&eids=&u=http%3A%2F%2Ffziccordim.cyou%2F&host=fziccordim.cyou&xr=0&w=300&h=250
IP 162.210.196.208:0
ASN #30633 LEASEWEB-USA-WDC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A224E4B7322E29803DA4389623ADA2&tdid=&schain=1.0%2C1!scupio.com%2C1007%2C1%2C%2C%2C&eids=&u=http%3A%2F%2Ffziccordim.cyou%2F&host=fziccordim.cyou&xr=0&w=300&h=250 HTTP/1.1
Host: hb.aralego.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Tue, 07 Feb 2023 11:56:38 GMT
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
connection: close
www.cts.com.tw/images/w_icon04.svg
54.230.111.9301 Moved Permanently 167 B URL HTTP/1.1 www.cts.com.tw/images/w_icon04.svg
IP 54.230.111.9:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /images/w_icon04.svg HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fziccordim.cyou/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 Feb 2023 11:56:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.cts.com.tw/images/w_icon04.svg
X-Cache: Redirect from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0Nf6rwV_h0ZoxQ5GlZO9NYD0_H9ngAsd3pOSm7rX2HP_BEr2luAamg==
prebid-asia.creativecdn.com/bidder/prebid/bids
103.132.192.30204 No Content 0 B URL HTTP/2 prebid-asia.creativecdn.com/bidder/prebid/bids
IP 103.132.192.30:0
ASN #138552 RTB HOUSE PTE. LTD.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-asia.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 543
Origin: https://img.scupio.com
Connection: keep-alive
Referer: https://img.scupio.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 07 Feb 2023 11:56:39 GMT
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
api.popin.tw/biz_recommend_js.php?t=1675771045227
104.21.91.59200 OK 0 B URL HTTP/2 api.popin.tw/biz_recommend_js.php?t=1675771045227
IP 104.21.91.59:0
GET /biz_recommend_js.php?t=1675771045227 HTTP/1.1
Host: api.popin.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fziccordim.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 11:56:36 GMT
content-type: application/x-javascript
x-powered-by: PHP/7.2.34
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUpU7tigdgvjiEAMMeUDOV8HqHlYxP2CV2Vr51UbYEtzpUHF1T4LjJvyH6pfri6%2BsXC7ly7ZggkLEMWpE6loH%2FHa9xwwfpZCFfd5rcka5%2BUbGosujdwO%2BzW4lwoxqUw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795bf1739ac7b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cts.com.tw/api/weather_list.json?t=27&callback=callback_weather&_=1675771042517
54.230.111.9200 OK 0 B URL HTTP/2 www.cts.com.tw/api/weather_list.json?t=27&callback=callback_weather&_=1675771042517
IP 54.230.111.9:0
GET /api/weather_list.json?t=27&callback=callback_weather&_=1675771042517 HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 07 Feb 2023 11:56:34 GMT
etag: W/"547376470"
last-modified: Tue, 07 Feb 2023 07:23:01 GMT
expires: Tue, 07 Feb 2023 12:01:34 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: brmnaHuVBaDsWqvlnnuOGCc2LCMK6zUugx28OLaGMz8CPzEBelpOtw==
X-Firefox-Spdy: h2
sb.scorecardresearch.com/internal-cs/default/beacon.js
54.230.111.125200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/internal-cs/default/beacon.js
IP 54.230.111.125:0
GET /internal-cs/default/beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 07 Feb 2023 11:50:50 GMT
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
etag: W/"5b0f9f0704a703b8da651007721fac57"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PGOIiMykDGWNhEVufOTxtntvAuqB9ENXtNDsytVP0X3mV5XiqO_QYg==
age: 346
X-Firefox-Spdy: h2
www.cts.com.tw/api/news_realtime_marquee.json?t=271157&callback=callback_realtime&_=1675771042518
54.230.111.9200 OK 0 B URL HTTP/2 www.cts.com.tw/api/news_realtime_marquee.json?t=271157&callback=callback_realtime&_=1675771042518
IP 54.230.111.9:0
GET /api/news_realtime_marquee.json?t=271157&callback=callback_realtime&_=1675771042518 HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 07 Feb 2023 11:56:34 GMT
etag: W/"3544217806"
last-modified: Tue, 07 Feb 2023 11:54:02 GMT
expires: Tue, 07 Feb 2023 12:01:34 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GHXhxePpxEjzTb9mAVeam7qzQ9e7fLxUQ1SYlNRcvLxsJB8RhhEtYg==
X-Firefox-Spdy: h2
news.cts.com.tw/api/keywords_jsonp.json?t=2&callback=callback_keywords&_=1675771042515
54.230.111.9200 OK 0 B URL HTTP/2 news.cts.com.tw/api/keywords_jsonp.json?t=2&callback=callback_keywords&_=1675771042515
IP 54.230.111.9:0
GET /api/keywords_jsonp.json?t=2&callback=callback_keywords&_=1675771042515 HTTP/1.1
Host: news.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 07 Feb 2023 11:56:34 GMT
etag: W/"3337754846"
last-modified: Tue, 07 Feb 2023 10:12:02 GMT
expires: Tue, 07 Feb 2023 12:01:34 GMT
cache-control: max-age=300
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5YRY0_PsUQ2Jd8tPngXxCyMCZaHdursmWJfrpJN-RwCmv0KBvof5-Q==
X-Firefox-Spdy: h2
www.cts.com.tw/css/tooltip.min.css
54.230.111.9200 OK 0 B URL HTTP/2 www.cts.com.tw/css/tooltip.min.css
IP 54.230.111.9:0
GET /css/tooltip.min.css HTTP/1.1
Host: www.cts.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fziccordim.cyou/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Tue, 07 Feb 2023 11:56:33 GMT
etag: W/"677823008"
last-modified: Thu, 07 May 2020 07:48:02 GMT
expires: Tue, 07 Feb 2023 12:56:33 GMT
cache-control: max-age=3600
server: lighttpd/1.4.53
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xSj42P3ouJdLMVmH5OJWlKLU-SRe1btHyuqPPizVJcrM9C9-hDtpQg==
X-Firefox-Spdy: h2