r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16021
Expires: Tue, 07 Mar 2023 17:50:51 GMT
Date: Tue, 07 Mar 2023 13:23:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f2c901fe04f9e3d18e9c3387b076780
3f0115cd05d7857a8119eff0479f5812df155d3d
84518fa2565f7f63933d3c552e1dc07f84c71f4a3df5d2821484c371ef57b924
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84518FA2565F7F63933D3C552E1DC07F84C71F4A3DF5D2821484C371EF57B924"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4367
Expires: Tue, 07 Mar 2023 14:36:37 GMT
Date: Tue, 07 Mar 2023 13:23:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Mar 2023 13:08:40 GMT
content-type: application/json
age: 910
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19059
Expires: Tue, 07 Mar 2023 18:41:29 GMT
Date: Tue, 07 Mar 2023 13:23:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q1IBYcQibKBgxe0DCyl5+5qoIal2LKuqWJvlJoOe52C6mn/sfcbHbd8dFGILRWWKnukTRAe7VJ0=
x-amz-request-id: 9F1RQV7RWM55VV23
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Mar 2023 13:17:35 GMT
age: 375
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 13:23:50 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.cpa12345.com/555
156.232.149.162200 OK 593 B IP 156.232.149.162:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (895), with CRLF line terminators
Hash 1b50ff0a82641ee3e21fe33e2dcabc25
085a2e62aaddbe020a2f75780c82d58c516cd177
b594ae006abdde984b00968e4eef3cb71a17e9032d8952d49f3ac5e4307a1859
Analyzer Verdict Alert fortinet Malware
GET /555 HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.cpa12345.com/common.js
156.232.149.162200 OK 810 B URL HTTP/1.1 www.cpa12345.com/common.js
IP 156.232.149.162:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document, ASCII text
Hash cc395eea1a022215679c10ed90d6ecbe
daeac3584863ae9d71fe5b75ff2ee6fd6f86c6dc
45b84d2f82680b1bfd38bc2943aeabbdda59d04031d257e7c0a6cce58a78c106
Analyzer Verdict Alert fortinet Malware
GET /common.js HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/555
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:50 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.cpa12345.com/tj.js
156.232.149.162200 OK 258 B IP 156.232.149.162:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash 5c3d833c0a741091dcd422c040fd9ece
12caebd03480262c66846b1287f39c891366b3d2
fce25848218876cfd0135c4aff85d156bcbadedbe608af6575c1aca9097dd76c
Analyzer Verdict Alert fortinet Malware
GET /tj.js HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/555
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:50 GMT
Content-Type: application/x-javascript
Content-Length: 258
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Mar 2023 13:12:30 GMT
age: 681
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2401
Expires: Tue, 07 Mar 2023 14:03:52 GMT
Date: Tue, 07 Mar 2023 13:23:51 GMT
Connection: keep-alive
www.cpa12345.com/favicon.ico
156.232.149.162200 OK 1.2 kB URL HTTP/1.1 www.cpa12345.com/favicon.ico
IP 156.232.149.162:0
ASN #134548 DXTL Tseung Kwan O Service
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.cpa12345.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/555
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:51 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 12 Mar 2023 13:23:51 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
push.services.mozilla.com/
54.149.229.221101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.229.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +KZ0JryT3SdD/jZ4wXd9lg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eXNInBtqGCbecOLaHf6/r/36PAM=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash b248a18676e46f85ae12e85470fb2045
decae54274ce881706fa982c28aeca39d18ae6f3
48886c21dad301c36bd288dc81f8a7fce6384226e645ce5de55d29712912fa59
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 11 Mar 2023 12:15:57 GMT
ETag: "decae54274ce881706fa982c28aeca39d18ae6f3"
Last-Modified: Tue, 07 Mar 2023 12:15:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2332
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a4327ca2c4ab517-OSL
cjg67.com/
122.10.10.41200 12 kB IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash d4176258253b64a16dee434ccfc09587
d2493d8670c881a8432f166c0533639d6cc34b70
09326ba7beb6bf5ea4096bf2348729554199403d37902475b056b7168cdf8ae3
GET / HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Tue, 07 Mar 2023 13:23:51 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: JSESSIONID=A121DC85D58DA225CCA25DB7476DE7E5; Path=/; HttpOnly
_visitor=93e61c4d2031f68dbe5b08c2c5e84236; Max-Age=8; Expires=Tue, 07-Mar-2023 13:23:59 GMT; Path=/
_visitor_from=www.cpa12345.com; Max-Age=8; Expires=Tue, 07-Mar-2023 13:23:59 GMT; Path=/
Accept-Charset: big5, big5-hkscs, cesu-8, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm290, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-hkscs-2001, x-big5-solaris, x-compound_text, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1166, x-ibm1364, x-ibm1381, x-ibm1383, x-ibm300, x-ibm33722, x-ibm737, x-ibm833, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-ms950-hkscs-xp, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/plugins/layui/css/layui.css
122.10.10.41200 OK 16 kB URL HTTP/1.1 cjg67.com/static/plugins/layui/css/layui.css
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (65479)
Hash 52940ef99ecf94302b58107853f65e64
9be2f01bd8b0aac3a4d349f5dc6db8bc3f4ac69d
23fee03661c67d3688aa8eb8b17ac3e7b4c8bb08755a447cd7876e290867d03d
GET /static/plugins/layui/css/layui.css HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-10f94"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/ad.js
122.10.10.41200 OK 302 B IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, ASCII text
Hash d4cff60e277fe74bcd9d8d9d7e97196b
89f7d285436b0199b990945c32a6b903b4e6d45a
d3f8cb2a66f34b18a912327132c479952b491db589f757a35e6cf1863dde583c
GET /static/ad.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 06 Mar 2023 08:06:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64059eea-45f"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/plugins/layer_mobile/layer.js
122.10.10.41200 OK 1.6 kB URL HTTP/1.1 cjg67.com/static/plugins/layer_mobile/layer.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (3204)
Hash cfcb4fb893ec30fa95a2cac71f2232ac
42caa0317263d82c8d7b218aa65b2ca4171b9d70
ddf707ade54829f62fa9a647be0609ace1a64cd0c43c065f29e3b6332c7dda43
GET /static/plugins/layer_mobile/layer.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c5c-ce8"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/js/jquery.metadata.js
122.10.10.41200 OK 1.6 kB URL HTTP/1.1 cjg67.com/static/js/jquery.metadata.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a0d999d7ed04127f0dc356b65eb92b46
c2c12ec05fb194264b9b5bbe1f4adf5798c320fc
4bda74e6f434ba29b5c58346e3709973d54c0539ab9faa8ce67b7a5f71432a05
GET /static/js/jquery.metadata.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-fec"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/plugins/jquery-validation/dist/jquery.validate.min.js
122.10.10.41200 OK 8.4 kB URL HTTP/1.1 cjg67.com/static/plugins/jquery-validation/dist/jquery.validate.min.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (23122)
Hash 72b1cfcf2406a9ac13a31b970b2195c1
a1857f7b5a35cc81c84ea4d6d459cb9d197069bd
77c61607ec2223d2e252e0beb066b320fb13fed6d270d580082c32d1747ceb0e
GET /static/plugins/jquery-validation/dist/jquery.validate.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:31:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf2-5add"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/plugins/jquery-validation/dist/localization/messages_zh.min.js
122.10.10.41200 OK 668 B URL HTTP/1.1 cjg67.com/static/plugins/jquery-validation/dist/localization/messages_zh.min.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (740)
Hash ef20251d8612aa8dd5789975ab6eef63
8e720f643d10de342ede9ddbae7be777052f266f
530d646e657f57cb36fd6ade368a25b1a1bcd5bfa0f336cd97865d05a8be9924
GET /static/plugins/jquery-validation/dist/localization/messages_zh.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:31:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf2-497"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/theme-sp/vip1/base.js
122.10.10.41200 OK 2.0 kB URL HTTP/1.1 cjg67.com/static/theme-sp/vip1/base.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e9598422e4ddedc407880b453861e334
163ebf0d90116eb1eb57ac302e1027c9fde4d788
ff49cae4f2be395d47e4221e5314e1580a83868e787edbf094c575cd3bfd8c13
GET /static/theme-sp/vip1/base.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 09 Dec 2019 15:54:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee6e3e-103c"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
push.zhanzhang.baidu.com/push.js
180.101.212.103200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 07 Mar 2023 13:23:52 GMT
Etag: "4078521116"
Expires: Wed, 06 Mar 2024 13:23:52 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=8757BCF5AD51BBA956B2EBCFA3A36683:FG=1; max-age=31536000; expires=Wed, 06-Mar-24 13:23:52 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
cjg67.com/static/js/jquery.cookie.js
122.10.10.41200 OK 1.4 kB URL HTTP/1.1 cjg67.com/static/js/jquery.cookie.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 4cd3995bf9a06595ba9f10c4e930daa8
0aa715c082f5a12174f0f827372e3aa5fe2116bf
5c6855225fbc78fdbadc7416c2e16b5bcd449424098a6d69c583d0a396ca479e
GET /static/js/jquery.cookie.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-c31"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/js/jquery-1.10.2.min.js
122.10.10.41200 OK 37 kB URL HTTP/1.1 cjg67.com/static/js/jquery-1.10.2.min.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (32072)
Hash fcd5152cb1e5feddf79f5d2213abcc7d
55f59213d31ef055ef2505cdad59e0823c66c087
052635ff1b1c91d40561b01d362d2360c502d81cb974fcb3d47d09c3932b1fdb
GET /static/js/jquery-1.10.2.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-16bb3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/style.cssx?_wd=fake
122.10.10.41200 0 B URL HTTP/1.1 cjg67.com/style.cssx?_wd=fake
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /style.cssx?_wd=fake HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
cjg67.com/static/js/sockjs.min.js
122.10.10.41200 OK 20 kB URL HTTP/1.1 cjg67.com/static/js/sockjs.min.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type ISO-8859 text, with very long lines (32035), with CRLF line terminators
Hash b5f1b4a29f2735906b2bfe152859eeac
ecdfe893d0ea4da86e252e6bd2a162bceb076b37
9f09d6fd95f40ab8d3b41944503084c140fe43b0f990edb2cf2abf2aad2c64c0
GET /static/js/sockjs.min.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:29:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c66-e715"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11731
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:23:52 GMT
Connection: keep-alive
cjg67.com/static/plugins/layui/layui.all.js
122.10.10.41200 OK 98 kB URL HTTP/1.1 cjg67.com/static/plugins/layui/layui.all.js
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type Unicode text, UTF-8 text, with very long lines (65131)
Hash a91f27a72acd6f056412bb708a5ab359
ae2e69f7c7bc83a222167a9d7fd151aa5b59bca3
e1ef0edd382626aec52e23bfb9a401ff61a24677ad4942ec142f151aecb94df6
GET /static/plugins/layui/layui.all.js HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:52 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-3fca1"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4a8d319b1ada8f22e8a1874033aba2c
3afc8111b03b662e88e61f4991a20a90d7d4f973
fca961af0737a3f0caa3a8d5762a309b871f54d0c8bd0e6ab4efdee4cf2fa462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6282
x-amzn-requestid: 7f17d7b2-eff8-4e36-a0b6-661862d08620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOHQGtNIAMFp8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065d61-18f0b0196b949829744dae4c;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: U0xw1_Kqlj1h5fIdhMFyxdB7mqMJRRx7ZpjFOo165GNmsiGruqLHmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:13:56 GMT
age: 54596
etag: "3afc8111b03b662e88e61f4991a20a90d7d4f973"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6edb15b0628347e7e7064affe077331
c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26
56c482b858cef1eb56a47dc54b298c31c2dd85cacdc748cea30b3d74a3cda99b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3359
x-amzn-requestid: c884d077-cb85-41c5-adcb-2baac3350d4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOuYHNJIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065e5b-74ab80fe0f96e85957d1a0f3;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5IlVoIIqNo7P0mzxWpDyuMF8xLoDQqldyINHPFIvnRmLoen0sce1tg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:09:51 GMT
etag: "c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26"
content-type: image/jpeg
age: 54841
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28063b72ccbc658caa4705a87e7a4e12
35a9f5d55ffadd16548d61c99d59e426dd11ce21
a9a2c8104c6c8454eff30437c96b672e230b073623f33a67614fe4fa3ba0645d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: 17b741c5-3911-46a5-b22d-17ef50381ad4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO15EPHIAMFx-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591bf-58dbdf76597432b9505f5805;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IYw6V_NejqrqRl4UmaUhYInv69UZcaqm8ytploOryAw3Gz4jyJNbdQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 05:13:26 GMT
age: 29426
etag: "35a9f5d55ffadd16548d61c99d59e426dd11ce21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d9e542d11eb3e8eaf08c83e0d72ea74
3113bde9c7ab14701fc4dbc39eec955b30d70150
c677d4b6fc6cf9c120e4f1844cf4605aeb6c7902fdde34ae21258fbb64d0f79b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8512
x-amzn-requestid: 9f7f00c0-dfb4-4b72-a4be-1a5f3c6f2401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYNhZHU4oAMFTsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065c6f-5b1f26a475702ce913902e66;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SRN7vb7fldI_vjnuKgm6wXus67qkokYCVJBJXdCNeCQ7mfxRDKcqaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 21:54:06 GMT
age: 55786
etag: "3113bde9c7ab14701fc4dbc39eec955b30d70150"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ec4f2da6f73f59d9a2493697cbaec8c
3513d0fa932a2cf6ec0cf948cfd6e9c67e450824
cbe6ab8f36271592c0febfa90fe92c88d96dce40197e66cb7c06470bf99eccde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9515
x-amzn-requestid: b2c70ebf-087b-4adf-bc0d-d657586581cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_J1hHdLoAMFQKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc5689-632acdce4082512541dc8c1a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:06:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DH-jkcare5_Lmpq_M188dxcLGdvvYb3mj98EAWqe5Z6YCnxff9Xw3w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:38:34 GMT
age: 53118
etag: "3513d0fa932a2cf6ec0cf948cfd6e9c67e450824"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?11217bffa780ab3732248ccd4425a922
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?11217bffa780ab3732248ccd4425a922
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 8bbea8c6090ae46cbd18e3865c9647d4
3f2a7ed0116a02e8fe2e06e59412d701a94b0f1e
7cbf4cfdbfb612f6fa5a2648142a498f9c6f839d0fcf34b5902b28b731242c8a
GET /hm.js?11217bffa780ab3732248ccd4425a922 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cpa12345.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Tue, 07 Mar 2023 13:23:52 GMT
Etag: d0f2deded22bc01fbc9b0a56205e6dec
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2A63967AA907DE64; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
cjg67.com/static/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9
122.10.10.41200 OK 2.0 kB URL HTTP/1.1 cjg67.com/static/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (7480)
Hash 8e9d98ad06a9bf6193bd48081b908b3e
93d48a58c248bb525b775a616d9f676c617358bf
62c32c5dc39f32366134fe68b3868a9b305da856b86232fb65cce19b760a9571
GET /static/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-1d71"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1
122.10.10.41200 OK 3.3 kB URL HTTP/1.1 cjg67.com/static/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (14368)
Hash 31de70b1f9051220afa7c0d35556a977
e56272fbb5370990fa095a22e74e8baef4e3ca1c
48c4b0cf663a2ea93660e42718518c0f6a47a5d0c5e226a6d1069e763add155b
GET /static/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-3859"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/plugins/layui/css/modules/code.css
122.10.10.41200 OK 469 B URL HTTP/1.1 cjg67.com/static/plugins/layui/css/modules/code.css
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (1006)
Hash 236adf5ac6e3eb5c9897ca29cb8cd580
5b40bf7e0669592f7aaba5b4ff71ab08fd0f5e3b
da2d2fdb7e952114f5a8b67423b1ac2f56c2868f5c82d1a26b7ec85334366074
GET /static/plugins/layui/css/modules/code.css HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3cf0-427"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
cjg67.com/static/plugins/layer_mobile/need/layer.css?2.0
122.10.10.41200 OK 1.4 kB URL HTTP/1.1 cjg67.com/static/plugins/layer_mobile/need/layer.css?2.0
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with very long lines (5260), with no line terminators
Hash c017a7ee7e0b0d4837752a449028de0f
ad0ab0e7f5fc86ab0cdc195f81f71debd49efe2e
7680ec2e5e4a908ab4b9a1fe598ae95a553b509a639417333f2e49eacf48bf04
GET /static/plugins/layer_mobile/need/layer.css?2.0 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cjg67.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:53 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Oct 2019 17:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5daf3c5c-148c"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
api.share.baidu.com/s.gif?l=http://www.cpa12345.com/555
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.cpa12345.com/555
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.cpa12345.com/555 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cpa12345.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 07 Mar 2023 13:23:53 GMT
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=113204116&si=11217bffa780ab3732248ccd4425a922&v=1.3.0&lv=1&sn=40688&r=0&ww=1280&u=http%3A%2F%2Fwww.cpa12345.com%2F555&tt=%E5%B7%A2%E6%B9%96%E4%BA%B2%E5%89%BF%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=113204116&si=11217bffa780ab3732248ccd4425a922&v=1.3.0&lv=1&sn=40688&r=0&ww=1280&u=http%3A%2F%2Fwww.cpa12345.com%2F555&tt=%E5%B7%A2%E6%B9%96%E4%BA%B2%E5%89%BF%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=113204116&si=11217bffa780ab3732248ccd4425a922&v=1.3.0&lv=1&sn=40688&r=0&ww=1280&u=http%3A%2F%2Fwww.cpa12345.com%2F555&tt=%E5%B7%A2%E6%B9%96%E4%BA%B2%E5%89%BF%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cpa12345.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Mar 2023 13:23:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=83A03CBEF7CADFCE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
api.share.baidu.com/s.gif?r=http%3A%2F%2Fwww.cpa12345.com%2F&l=http://cjg67.com/
180.101.212.103200 OK 23 B URL HTTP/1.1 api.share.baidu.com/s.gif?r=http%3A%2F%2Fwww.cpa12345.com%2F&l=http://cjg67.com/
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f
GET /s.gif?r=http%3A%2F%2Fwww.cpa12345.com%2F&l=http://cjg67.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cjg67.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Length: 23
Content-Type: image/gif
Server: bfe
Date: Tue, 07 Mar 2023 13:23:53 GMT
hm.baidu.com/hm.js?394d0ec1fdd0117524d5d73bc05d51e2
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?394d0ec1fdd0117524d5d73bc05d51e2
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash e183495b434d0f5e20882569e5e9f023
5aae31a69b503456dd93fe65661c9e27d5a29d79
96b6448ce923d2beb122e7c8806677a902c8f241c356dda0b768054269fb13a2
GET /hm.js?394d0ec1fdd0117524d5d73bc05d51e2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Tue, 07 Mar 2023 13:23:52 GMT
Etag: 3c997b9473a37a2cdec03ee915d5615e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2CB2540F9CC7A415; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1101183475&si=394d0ec1fdd0117524d5d73bc05d51e2&su=http%3A%2F%2Fwww.cpa12345.com%2F&v=1.3.0&lv=1&sn=40689&r=0&ww=1280&u=http%3A%2F%2Fcjg67.com%2F&tt=%E8%97%8F%E7%B2%BE%E9%98%81
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1101183475&si=394d0ec1fdd0117524d5d73bc05d51e2&su=http%3A%2F%2Fwww.cpa12345.com%2F&v=1.3.0&lv=1&sn=40689&r=0&ww=1280&u=http%3A%2F%2Fcjg67.com%2F&tt=%E8%97%8F%E7%B2%BE%E9%98%81
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1101183475&si=394d0ec1fdd0117524d5d73bc05d51e2&su=http%3A%2F%2Fwww.cpa12345.com%2F&v=1.3.0&lv=1&sn=40689&r=0&ww=1280&u=http%3A%2F%2Fcjg67.com%2F&tt=%E8%97%8F%E7%B2%BE%E9%98%81 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 07 Mar 2023 13:23:53 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B1BF7BCFD260CD20; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
zerossl.ocsp.sectigo.com/
104.18.32.68200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 6af4d05eea968a8214f398ad7ce3d764
2f8aeca33caf01d18d02cf4cf95186f82f03a495
fd3f78175f7275be40285838d3ecccfa88f9aeee33451cd63750f2d9abc652ec
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 13:23:54 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 05 Mar 2023 23:17:32 GMT
Expires: Sun, 12 Mar 2023 23:17:31 GMT
Etag: "2f8aeca33caf01d18d02cf4cf95186f82f03a495"
Cache-Control: max-age=467016,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a4327d94fc81c06-OSL
dvcasha2.ocsp-certum.com/
95.101.10.107200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.107:0
ASN #20940 Akamai International B.V.
Hash b663a45198f5aec3e303bbf2b7dfcf2d
8f1a50022ee7a8dde1b9a361ad113b16982135eb
5a40b0bdb7c4cb13305ce23aa5fc485480b9d901e2e2bc6af9ea2878b5644b15
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=470
Date: Tue, 07 Mar 2023 13:23:54 GMT
Connection: keep-alive
X-N: S
8499165.com/8499/zzxx/960x100.gif
172.247.50.244200 OK 479 kB URL HTTP/2 8499165.com/8499/zzxx/960x100.gif
IP 172.247.50.244:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 479 kB (479036 bytes)
Hash f586fcd7d6a54725a2d0d26355f16a06
338916b44a69b6820f8b741d0c47e68830e6234a
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d
GET /8499/zzxx/960x100.gif HTTP/1.1
Host: 8499165.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Mar 2023 13:23:54 GMT
content-type: image/gif
content-length: 479036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "74f3c-5f092cf09552f"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
595tuchuang.com/960x80.gif
23.224.27.252200 OK 145 kB URL HTTP/2 595tuchuang.com/960x80.gif
IP 23.224.27.252:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 145 kB (144990 bytes)
Hash 9fd5431ae14d05e144a79a04b928ad1d
43ca6652416a1403dc5a96d779d414330edbe411
f56b12228d407bfd1f7d17582733a92443a012dc7005b9b9896e9b8b3dc13c2c
GET /960x80.gif HTTP/1.1
Host: 595tuchuang.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Mar 2023 13:23:55 GMT
content-type: image/gif
content-length: 144990
last-modified: Wed, 21 Dec 2022 13:28:21 GMT
etag: "63a309f5-2365e"
expires: Fri, 31 Mar 2023 16:54:29 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
server: cdn
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0f3132fc21f6c771ae4f3a4ce2e819c4
27c77e7184e5cd2e2a68762cc9bbf75a2371a50b
82304684ee7812fbdeb5b0ea73e694eebf14937d8700d5ac14fde26e589248e3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Mar 2023 13:23:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Mar 2023 13:50:39 GMT
Expires: Sun, 12 Mar 2023 13:50:38 GMT
Etag: "27c77e7184e5cd2e2a68762cc9bbf75a2371a50b"
Cache-Control: max-age=433001,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a4327e44baab4ed-OSL
688aaa.us/29d05b2c5ae746e7b37ef94d49895331.gif
103.170.15.94200 OK 746 kB URL HTTP/1.1 688aaa.us/29d05b2c5ae746e7b37ef94d49895331.gif
IP 103.170.15.94:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 746 kB (746035 bytes)
Hash 51a47f49002ea9dfdfcc5e6eaf3fab70
3a07e996231f93ee7c0426bb99e310e79ab861f4
a298680bd0a8897d02ad92bd0370aedbde69a6f6e52cb60feafde6e0a04bffea
GET /29d05b2c5ae746e7b37ef94d49895331.gif HTTP/1.1
Host: 688aaa.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cjg67.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63ff44cb-b6233"
Date: Wed, 01 Mar 2023 13:39:39 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 01 Mar 2023 12:27:55 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 746035
cjg67.com/static/plugins/layui/font/iconfont.woff?v=240
122.10.10.41200 OK 27 kB URL HTTP/1.1 cjg67.com/static/plugins/layui/font/iconfont.woff?v=240
IP 122.10.10.41:0
ASN #134548 DXTL Tseung Kwan O Service
File type Web Open Font Format, TrueType, length 26744, version 1.0\012- data
Hash e9caaa0617fa61c01f765960d10da0ef
f116555d117ded6e97229847ba3c8e8ca12e2f2b
6e9dac35a993a17830b37c400415142906634d2b0a7af0b2418a92ed959ae201
GET /static/plugins/layui/font/iconfont.woff?v=240 HTTP/1.1
Host: cjg67.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cjg67.com/static/plugins/layui/css/layui.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:23:58 GMT
Content-Type: font/woff
Content-Length: 26744
Last-Modified: Tue, 22 Oct 2019 17:31:28 GMT
Connection: keep-alive
ETag: "5daf3cf0-6878"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes