duniaqu.com/
104.164.212.214301 Moved Permanently 0 B IP 104.164.212.214:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: duniaqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.duniaqu.com/index.php
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16803ffa29e10ee999c43eb4e4acfe92
a5ede865a388fa440f20994b43c417d403e9a493
08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A"
Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3269
Expires: Wed, 04 Jan 2023 03:36:26 GMT
Date: Wed, 04 Jan 2023 02:41:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8afcbdfc50b3ac9488d629a1a4923b81
933fe7b84c2fbd931da70e92c86fa89110e7cfe7
9857b3b813177c23f90a7e53c7ec1f878362b1da27bc19493bebffc358a4b852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9857B3B813177C23F90A7E53C7EC1F878362B1DA27BC19493BEBFFC358A4B852"
Last-Modified: Sun, 01 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10672
Expires: Wed, 04 Jan 2023 05:39:49 GMT
Date: Wed, 04 Jan 2023 02:41:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 02:36:19 GMT
content-type: application/json
age: 338
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 225d42543c0190cdb3686bf236533f4f
13a0940800fce078487372b6b3ca614dd1ab6c31
766bbe15eb1642ac39e9b71669fbb44252471c8de5adb555cd1a76db44fbe7bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766BBE15EB1642AC39E9B71669FBB44252471C8DE5ADB555CD1A76DB44FBE7BC"
Last-Modified: Mon, 02 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2303
Expires: Wed, 04 Jan 2023 03:20:20 GMT
Date: Wed, 04 Jan 2023 02:41:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 87XgATos/6LA20SoBMKCXokr7teB2vkOldPveIpkFUz8CcN6PePX2w/bc3XUWPLTJPSHLnqoAuM=
x-amz-request-id: 2BNG18CTYHQSB8GP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 01:58:56 GMT
age: 2581
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 02:41:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.duniaqu.com/index.php
104.164.212.214200 OK 551 B URL HTTP/1.1 www.duniaqu.com/index.php
IP 104.164.212.214:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (682), with CRLF line terminators
Hash 6411479177f93918f7660d618a606867
54e6bcbbdfea37b1a9abacaba9d207af6112f04f
4d7313ddbd7c1cd618657ccd4d090eb66bf3f5662af99c9e987546c5a27c63e5
GET /index.php HTTP/1.1
Host: www.duniaqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 02:33:36 GMT
age: 502
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 49d6e3cef8f01f0261ff5644001d652b
03eca12234d73b1f3e8489939e4f6551914d29b2
bb680ef4d4989e9e1147da3a7d5ccc518f63108b4ed1f2367a2793db0f740f21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1690
Cache-Control: max-age=111181
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 02:41:58 GMT
Etag: "63b3f029-1d7"
Expires: Thu, 05 Jan 2023 09:34:59 GMT
Last-Modified: Tue, 03 Jan 2023 09:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.duniaqu.com/common.js
104.164.212.214200 OK 1.0 kB URL HTTP/1.1 www.duniaqu.com/common.js
IP 104.164.212.214:0
File type HTML document, ASCII text, with very long lines (389), with CRLF line terminators
Hash 4e6a9c15b216b58c62d421e0ee9f5b98
b1c1dcaa0718a36589ee9a98dccce4b855907395
5d49072e358f4db14945970a8909d5a8d04f7acf60d489464e56a866377d8d0f
GET /common.js HTTP/1.1
Host: www.duniaqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.duniaqu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.duniaqu.com/tj.js
104.164.212.214200 OK 2.4 kB IP 104.164.212.214:0
File type HTML document, ASCII text, with very long lines (5068), with no line terminators
Hash b44b121544644439feedc23c4567466b
1a4dea1b99c82b685363da3904a498d81874ae53
18c35773d6fab4dab0d6b14ea7cb11ac0c3a23a783c1e31d04b53016320f9b22
GET /tj.js HTTP/1.1
Host: www.duniaqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.duniaqu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
54.187.31.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.31.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 81M+o9FCmDZ0KJuDMRBafA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wJHaGvaRKGbZYglVPqSHyqjwNvc=
www.duniaqu.com/favicon.ico
104.164.212.214200 OK 1.2 kB URL HTTP/1.1 www.duniaqu.com/favicon.ico
IP 104.164.212.214:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.duniaqu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.duniaqu.com/index.php
Cookie: __tins__21384351=%7B%22sid%22%3A%201672800109333%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201672801909333%7D; __51cke__=; __51laig__=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Mon, 09 Jan 2023 02:42:00 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
api.share.baidu.com/s.gif?l=http://www.duniaqu.com/index.php
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.duniaqu.com/index.php
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.duniaqu.com/index.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.duniaqu.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Wed, 04 Jan 2023 02:41:58 GMT
wdctg0.com/
160.124.214.195200 OK 6.3 kB IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 1491e70f0a39c58b7bf8175e3aa40c62
aa89fd542a7de1369a80f51d0e5c969fe991dfc7
dee3b9097d3a0551632d384d96bb10c332c7b9f0983bb2d2fc7ec062bc07e6d1
GET / HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.duniaqu.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:58 GMT
Content-Type: text/html
Last-Modified: Tue, 03 Jan 2023 13:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b43421-8ec2"
Content-Encoding: gzip
wdctg0.com/static/css/mdyy%EF%B9%96ver=5111.011881888888.css
160.124.214.195200 OK 10 kB URL HTTP/1.1 wdctg0.com/static/css/mdyy%EF%B9%96ver=5111.011881888888.css
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type Unicode text, UTF-8 text, with very long lines (29208)
Hash 97a8babb35b83cf08e773bf0b11d9075
d4038aaf86c2c93bb74b59c98af43b7c8625e4d9
289b5f38d53187086c0ce2bdc7a8f87d97108ddb99e6312acbc89540614a54a7
GET /static/css/mdyy%EF%B9%96ver=5111.011881888888.css HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: text/css
Last-Modified: Sun, 18 Dec 2022 09:37:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639edf6f-2c6f5"
Expires: Wed, 04 Jan 2023 14:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ia.51.la/go1?id=21384351&rt=1672800109333&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25BB%258F%25E5%2585%25B8%25E4%25B8%2589%25E7%25BA%25A7%252C%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%25BC%2580%25E4%25B8%2580%25E6%259C%259F%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%2587%25BA%25E7%2589%25B9%252C%25E9%25BB%2584%25E8%2589%25B2%25E6%25AF%259B%25E7%2589%2587a%25E7%25BA%25A7%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%2585%25AC%25E5%25BC%2580&ing=1&ekc=&sid=1672800109333&tt=%25E6%258B%2589%25E8%2590%25A8%25E6%2583%25A9%25E8%25BF%25B7%25E6%2595%2599%25E8%2582%25B2%25E5%2592%25A8%25E8%25AF%25A2%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25BB%258F%25E5%2585%25B8%25E4%25B8%2589%25E7%25BA%25A7%252C%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%25BC%2580%25E4%25B8%2580%25E6%259C%259F%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%2587%25BA%25E7%2589%25B9%252C%25E9%25BB%2584%25E8%2589%25B2%25E6%25AF%259B%25E7%2589%2587a%25E7%25BA%25A7%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%2585%25AC%25E5%25BC%2580%25E5%2585%258D%25E8%25B4%25B9%25E4%25BA%25BA%25E6%2588%2590%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%258D%2588%25E5%25A4%259C%25E7%2590%2586%25E8%25AE%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E7%2589%2587%25E4%25B8%258D%25E5%258D%25A1%252C%25E4%25B8%25AD%25E5%259B%25BD%25E4%25BA%25BA%25E5%2585%258D%25E8%25B4%25B9%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%252Cfree%25203d%2520xxxx%2520video%25E5%258A%25A8%25E6%25BC%25AB%252C%25E5%259B%25BD%25E4%25BA%25A7%25E6%25AC%25A7%25E7%25BE%258E%25E6%2597%25A5%25E9%259F%25A9%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B&cu=http%253A%252F%252Fwww.duniaqu.com%252Findex.php&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21384351&rt=1672800109333&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25BB%258F%25E5%2585%25B8%25E4%25B8%2589%25E7%25BA%25A7%252C%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%25BC%2580%25E4%25B8%2580%25E6%259C%259F%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%2587%25BA%25E7%2589%25B9%252C%25E9%25BB%2584%25E8%2589%25B2%25E6%25AF%259B%25E7%2589%2587a%25E7%25BA%25A7%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%2585%25AC%25E5%25BC%2580&ing=1&ekc=&sid=1672800109333&tt=%25E6%258B%2589%25E8%2590%25A8%25E6%2583%25A9%25E8%25BF%25B7%25E6%2595%2599%25E8%2582%25B2%25E5%2592%25A8%25E8%25AF%25A2%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25BB%258F%25E5%2585%25B8%25E4%25B8%2589%25E7%25BA%25A7%252C%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%25BC%2580%25E4%25B8%2580%25E6%259C%259F%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%2587%25BA%25E7%2589%25B9%252C%25E9%25BB%2584%25E8%2589%25B2%25E6%25AF%259B%25E7%2589%2587a%25E7%25BA%25A7%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%2585%25AC%25E5%25BC%2580%25E5%2585%258D%25E8%25B4%25B9%25E4%25BA%25BA%25E6%2588%2590%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%258D%2588%25E5%25A4%259C%25E7%2590%2586%25E8%25AE%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E7%2589%2587%25E4%25B8%258D%25E5%258D%25A1%252C%25E4%25B8%25AD%25E5%259B%25BD%25E4%25BA%25BA%25E5%2585%258D%25E8%25B4%25B9%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%252Cfree%25203d%2520xxxx%2520video%25E5%258A%25A8%25E6%25BC%25AB%252C%25E5%259B%25BD%25E4%25BA%25A7%25E6%25AC%25A7%25E7%25BE%258E%25E6%2597%25A5%25E9%259F%25A9%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B&cu=http%253A%252F%252Fwww.duniaqu.com%252Findex.php&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21384351&rt=1672800109333&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25BB%258F%25E5%2585%25B8%25E4%25B8%2589%25E7%25BA%25A7%252C%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%25BC%2580%25E4%25B8%2580%25E6%259C%259F%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%2587%25BA%25E7%2589%25B9%252C%25E9%25BB%2584%25E8%2589%25B2%25E6%25AF%259B%25E7%2589%2587a%25E7%25BA%25A7%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%2585%25AC%25E5%25BC%2580&ing=1&ekc=&sid=1672800109333&tt=%25E6%258B%2589%25E8%2590%25A8%25E6%2583%25A9%25E8%25BF%25B7%25E6%2595%2599%25E8%2582%25B2%25E5%2592%25A8%25E8%25AF%25A2%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25BB%258F%25E5%2585%25B8%25E4%25B8%2589%25E7%25BA%25A7%252C%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%25BC%2580%25E4%25B8%2580%25E6%259C%259F%25E4%25B8%2589%25E6%259C%259F%25E5%25BF%2585%25E5%2587%25BA%25E7%2589%25B9%252C%25E9%25BB%2584%25E8%2589%25B2%25E6%25AF%259B%25E7%2589%2587a%25E7%25BA%25A7%252C%25E5%259B%25BD%25E4%25BA%25A7%25E5%2585%25AC%25E5%25BC%2580%25E5%2585%258D%25E8%25B4%25B9%25E4%25BA%25BA%25E6%2588%2590%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%258D%2588%25E5%25A4%259C%25E7%2590%2586%25E8%25AE%25BA%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E7%2589%2587%25E4%25B8%258D%25E5%258D%25A1%252C%25E4%25B8%25AD%25E5%259B%25BD%25E4%25BA%25BA%25E5%2585%258D%25E8%25B4%25B9%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%252Cfree%25203d%2520xxxx%2520video%25E5%258A%25A8%25E6%25BC%25AB%252C%25E5%259B%25BD%25E4%25BA%25A7%25E6%25AC%25A7%25E7%25BE%258E%25E6%2597%25A5%25E9%259F%25A9%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B&cu=http%253A%252F%252Fwww.duniaqu.com%252Findex.php&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.duniaqu.com/
HTTP/1.1 200
Server: CloudWAF
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=78651e71788d774d633; path=/
HWWAFSESTIME=1672800115985; path=/
wdctg0.com/cpa/shang.js
160.124.214.195200 OK 1.5 kB IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type HTML document, ASCII text
Hash 956d53e54b1936e435e335468a59e668
88407cef332e1767c33b47bf50e00ea88edfb791
b820c392e9b9f1c927123836e8fb3f2a6183f98fa51aef6772c27e482d891d64
GET /cpa/shang.js HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 03 Jan 2023 13:37:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b42fa7-1a64"
Expires: Wed, 04 Jan 2023 14:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wdctg0.com/cpa/zhong.js
160.124.214.195200 OK 633 B IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type HTML document, Unicode text, UTF-8 text
Hash 1059510c061cef224921ffb2c18917d9
149ae21075d05f08fbf6966e060655e484010f88
24b4cce69a82af27698836fae70ff01c39ab85f7940a1ef0c4505592c17fb82e
GET /cpa/zhong.js HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 03 Jan 2023 12:08:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b41abb-1d38"
Expires: Wed, 04 Jan 2023 14:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wdctg0.com/cpa/xia.js
160.124.214.195200 OK 489 B IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type HTML document, Unicode text, UTF-8 text
Hash d403f2443ba59178951c97012f3cd1ce
3c2d37b45eb2b7b4e466c0ef38b16e3b9d91c33f
9819e554ed39e9dff778549e9203dcc2289f4b0916bb62942c08ca3c1c0872e9
GET /cpa/xia.js HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: application/javascript
Last-Modified: Tue, 03 Jan 2023 12:07:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b41a97-1134"
Expires: Wed, 04 Jan 2023 14:41:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wdctg0.com/static/picture/9.jpg
160.124.214.195200 OK 170 kB URL HTTP/1.1 wdctg0.com/static/picture/9.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 170 kB (170333 bytes)
Hash 4c7e37a96333441c1fed478132d53ff8
3b464cf2aff421a6b82e62ae01814e758c1b163c
c98000baf7e7d6d1e0185f2c9195e466034fa28bd71bafda738c7ddd092f1cfa
GET /static/picture/9.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: image/jpeg
Content-Length: 170333
Last-Modified: Mon, 19 Dec 2022 11:30:50 GMT
Connection: keep-alive
ETag: "63a04b6a-2995d"
Expires: Fri, 03 Feb 2023 02:41:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/7.jpg
160.124.214.195200 OK 152 kB URL HTTP/1.1 wdctg0.com/static/picture/7.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 152 kB (151709 bytes)
Hash 1a534b0ee88e0ec69d6f5443a598569b
d01e3ed76cb06762babac76ef5d418b530551b86
871fc5eb9789e939a1efd7dbe0a64787eb0d991712700abda602036da620b7f9
GET /static/picture/7.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: image/jpeg
Content-Length: 151709
Last-Modified: Mon, 19 Dec 2022 11:28:20 GMT
Connection: keep-alive
ETag: "63a04ad4-2509d"
Expires: Fri, 03 Feb 2023 02:41:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/8.jpg
160.124.214.195200 OK 183 kB URL HTTP/1.1 wdctg0.com/static/picture/8.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 183 kB (182909 bytes)
Hash e98ad5a178b063f9d0a92cdb026cf4a1
fbb1697ed666d83a8b722975d213dd66ab0ae831
84e1a86ec2d38010628777941f37a99abf9746f3489e1c1cad3f066a128229a1
GET /static/picture/8.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: image/jpeg
Content-Length: 182909
Last-Modified: Mon, 19 Dec 2022 11:29:56 GMT
Connection: keep-alive
ETag: "63a04b34-2ca7d"
Expires: Fri, 03 Feb 2023 02:41:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/1.jpg
160.124.214.195200 OK 169 kB URL HTTP/1.1 wdctg0.com/static/picture/1.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 169 kB (168554 bytes)
Hash 431bbdf0ac14e2a6b313191cd82ed9ff
df94e3335e305e7d46bd333eff6bd75cea4c8eb5
3ccfe82cc2e8764878939c561e7252b9291a7f96881fb0ad08e1600ec29bc06e
GET /static/picture/1.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 168554
Last-Modified: Mon, 19 Dec 2022 11:21:42 GMT
Connection: keep-alive
ETag: "63a04946-2926a"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba0bb07761a0392b2430d634c02524eb
21e307805f0c1f8a547d9ab7a01f8cfceb3da44c
ab54d6b229b0b825a7178b4b14fb0fef38ae21f1088cd588535fecbec8c25704
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB54D6B229B0B825A7178B4B14FB0FEF38AE21F1088CD588535FECBEC8C25704"
Last-Modified: Tue, 03 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18168
Expires: Wed, 04 Jan 2023 07:44:48 GMT
Date: Wed, 04 Jan 2023 02:42:00 GMT
Connection: keep-alive
wdctg0.com/static/picture/10.jpg
160.124.214.195200 OK 164 kB URL HTTP/1.1 wdctg0.com/static/picture/10.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 164 kB (163488 bytes)
Hash 95c4f429939dea058f1ca83f11840ad9
c9eb28aea533556a9195385e82b44d580fd996d4
8039a0f44ebbc17990da16c89bb59738fe2a72fad5f5ce197813743d70ed8eca
GET /static/picture/10.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: image/jpeg
Content-Length: 163488
Last-Modified: Mon, 19 Dec 2022 11:31:43 GMT
Connection: keep-alive
ETag: "63a04b9f-27ea0"
Expires: Fri, 03 Feb 2023 02:41:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/11.jpg
160.124.214.195200 OK 148 kB URL HTTP/1.1 wdctg0.com/static/picture/11.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 148 kB (147797 bytes)
Hash e48ff1cef12e29afb50d0c4b3a7d3112
09d487f28bfd4adb12acfacbc5cf604f82908674
a923ea3eda733b58292dff741c28e5ad70373ec2703703dc429859bd31596040
GET /static/picture/11.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: image/jpeg
Content-Length: 147797
Last-Modified: Mon, 19 Dec 2022 11:32:52 GMT
Connection: keep-alive
ETag: "63a04be4-24155"
Expires: Fri, 03 Feb 2023 02:41:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/3.jpg
160.124.214.195200 OK 177 kB URL HTTP/1.1 wdctg0.com/static/picture/3.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 177 kB (177028 bytes)
Hash 7a6cab7ed879b97af40941a05f76e76b
9c51deba79770ff6f20b3b4515a513baf813cf9b
4f157b3aef6390d374af48df15689582db8eb0c285ba23e43ed92bdfe2c1ad00
GET /static/picture/3.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 177028
Last-Modified: Mon, 19 Dec 2022 11:25:41 GMT
Connection: keep-alive
ETag: "63a04a35-2b384"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/4.jpg
160.124.214.195200 OK 189 kB URL HTTP/1.1 wdctg0.com/static/picture/4.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 189 kB (189109 bytes)
Hash b0a64b54f60827411535412622ebdedc
374b796a6e846b33de9636f49efae02acbe0feb9
9e87ddf0210b5f8c1593fe0d1e1c9a12932646fa1bd4550d7c187f61395bccec
GET /static/picture/4.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 189109
Last-Modified: Mon, 19 Dec 2022 11:25:14 GMT
Connection: keep-alive
ETag: "63a04a1a-2e2b5"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/2.jpg
160.124.214.195200 OK 172 kB URL HTTP/1.1 wdctg0.com/static/picture/2.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 172 kB (172208 bytes)
Hash d2613a7586c37377aba96548263d0e81
dd25d851bc2e639d2c4b00b5c2c26b44f054fe05
8b9ba11c5dcc4ad27c07ac07730325f31739495f7350c58cb82cbf6a780cda91
GET /static/picture/2.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 172208
Last-Modified: Mon, 19 Dec 2022 11:24:47 GMT
Connection: keep-alive
ETag: "63a049ff-2a0b0"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/12.jpg
160.124.214.195200 OK 208 kB URL HTTP/1.1 wdctg0.com/static/picture/12.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 208 kB (207930 bytes)
Hash d0976df30cc269f46c4464944561362c
99de526a13f7a4d906c334373bbbd3dd9ae7d865
aac9b65d538204d65004db53ac2803da49df555c4cf98c8fe96ed8663588a90d
GET /static/picture/12.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:41:59 GMT
Content-Type: image/jpeg
Content-Length: 207930
Last-Modified: Mon, 19 Dec 2022 11:33:12 GMT
Connection: keep-alive
ETag: "63a04bf8-32c3a"
Expires: Fri, 03 Feb 2023 02:41:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/13.jpg
160.124.214.195200 OK 150 kB URL HTTP/1.1 wdctg0.com/static/picture/13.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 150 kB (150532 bytes)
Hash c2dcd61d96c90922394c6cc6e88dd57f
77a9eb63ff6585f065f42d6e35deb913d40a7053
40e6410e8e04f3306d5373784ccd6459382b138cbeb3f7378f79a36ee7242ada
GET /static/picture/13.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 150532
Last-Modified: Mon, 19 Dec 2022 11:34:56 GMT
Connection: keep-alive
ETag: "63a04c60-24c04"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/14.jpg
160.124.214.195200 OK 144 kB URL HTTP/1.1 wdctg0.com/static/picture/14.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 144 kB (143821 bytes)
Hash bf2cbbf4a55f5f5de3124ac3efc59b7b
144a161ce7db7e1c1bf4046aa8f4e99f57f27e07
4baea6dfa67de22be11bbbceff41157f9c7da06bf5fe154b1087bef44c780727
GET /static/picture/14.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 143821
Last-Modified: Mon, 19 Dec 2022 11:36:53 GMT
Connection: keep-alive
ETag: "63a04cd5-231cd"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/5.jpg
160.124.214.195200 OK 172 kB URL HTTP/1.1 wdctg0.com/static/picture/5.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 172 kB (172062 bytes)
Hash a04dbd2ee1bf1e9df8fd544726493e0e
19e65ad3c5c110ed7e3528d14182f5dc91e26b0f
0f94968fda8d8a49ec3cb88e141a1e1cf58e8c3806726294e6e0891476eea23d
GET /static/picture/5.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 172062
Last-Modified: Mon, 19 Dec 2022 11:26:42 GMT
Connection: keep-alive
ETag: "63a04a72-2a01e"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/15.jpg
160.124.214.195200 OK 195 kB URL HTTP/1.1 wdctg0.com/static/picture/15.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 195 kB (194709 bytes)
Hash ad309181f61a01c59174d7b82e0b7a28
5086c054eee527656de470880e4245c97db5b421
d0e450d8d6f3913e3641a58ffd3ada475f62e6ddf1a4bc8dc180702b86a31932
GET /static/picture/15.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 194709
Last-Modified: Mon, 19 Dec 2022 11:37:27 GMT
Connection: keep-alive
ETag: "63a04cf7-2f895"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/16.jpg
160.124.214.195200 OK 63 kB URL HTTP/1.1 wdctg0.com/static/picture/16.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash ee8e070ffc40eadc6f7d00f3eee27ff9
c950b96c2c58dc3cd446b8091d8abc3585ebe584
2c4588f4130156d3f4f795615227bdd588fbf7542de4f921f0acd7527d92fd2f
GET /static/picture/16.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 63431
Last-Modified: Mon, 19 Dec 2022 11:40:21 GMT
Connection: keep-alive
ETag: "63a04da5-f7c7"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
wdctg0.com/static/picture/6.jpg
160.124.214.195200 OK 209 kB URL HTTP/1.1 wdctg0.com/static/picture/6.jpg
IP 160.124.214.195:0
ASN #132839 POWER LINE DATACENTER
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x720, components 3\012- data
Size 209 kB (209247 bytes)
Hash 2c59b80a3f18f2e71cebb2b9748fadc6
5af350df9df1f0a56e86594fcf820ee12f66dab3
581386c856203ec8806e1cf02238064342c605f36fc1a9719b8adb401cfa92df
GET /static/picture/6.jpg HTTP/1.1
Host: wdctg0.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wdctg0.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: image/jpeg
Content-Length: 209247
Last-Modified: Mon, 19 Dec 2022 11:27:26 GMT
Connection: keep-alive
ETag: "63a04a9e-3315f"
Expires: Fri, 03 Feb 2023 02:42:00 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c4719f10b16aa492c5dbdb8a1bfc20af
21831c11bfc9679c9f0ebc1f6a39284a5d16be56
c8682ee9e025254ee9cd1d9c663a40707cb170c141a328a7de07ded8de06f787
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8682EE9E025254EE9CD1D9C663A40707CB170C141A328A7DE07DED8DE06F787"
Last-Modified: Sun, 01 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3232
Expires: Wed, 04 Jan 2023 03:35:52 GMT
Date: Wed, 04 Jan 2023 02:42:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68ecb4b1-cd89-45e3-ae9d-b225ccd2e379.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68ecb4b1-cd89-45e3-ae9d-b225ccd2e379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3688d2e4e22bd8da693034332f90571
5864cbe9905bc35f9b6e708c969a342aa2fd5e4f
20caefb9ce8efe17d568f631f5d11edd76a6e6fc6d60f7a01475151ad93b118e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68ecb4b1-cd89-45e3-ae9d-b225ccd2e379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6620
x-amzn-requestid: 448c830d-5388-4ad4-9374-7dafcba6b40e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ3_2F2lIAMFawQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d398-79b3fdba5af7be120453d42d;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:04:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tu2y8-76oVcv0hsK4Sfbzx4J3GULlC_LaP875jurUcJfaw7Sp_1hpw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 07:33:41 GMT
age: 68899
etag: "5864cbe9905bc35f9b6e708c969a342aa2fd5e4f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 359f30e64bec00d0a01acd69a08b684d
ac965c8642c4d1e47713965060fa2fc8f19088b1
fff1b001462468cc953092a2312650c03f307e95c40e2c6bb7356e2a8b9b0283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11877
x-amzn-requestid: 884b9243-6a8a-4434-9b2a-e5eff84d4e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33bFnDoAMFpoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3f7043ae29d21e010ddc1ff9;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WcUVY1LHWCEWWyJZEhS8M5tlXhx5WDnIr9RmxLMvqIilnREfwORJew==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:12:53 GMT
age: 16147
etag: "ac965c8642c4d1e47713965060fa2fc8f19088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd778a59b-6bc4-4e21-bec7-38d1b87be05b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd778a59b-6bc4-4e21-bec7-38d1b87be05b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fdda07f757a2d7f87e34e168f8dcdf1d
861b6c16e2a034b9793dde7a6898cbf485c4b6e1
21a043424ce5469863e0208d1de4a1927d0ca44b9d1a6d8cc627d44dd9eadad6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd778a59b-6bc4-4e21-bec7-38d1b87be05b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12254
x-amzn-requestid: f38b287f-1426-4fd8-8608-72a72778a939
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3pVHPKIAMF7AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49fd5-1a67e1244d14cbac5f03a8d7;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mkQTWaUaQMsiGDvf95jLRX8VjfxZ0oiu4wnwM8ct8Es4GmGSjP3U-g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:54:33 GMT
age: 17247
etag: "861b6c16e2a034b9793dde7a6898cbf485c4b6e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fae0836-a888-409d-9ad4-e4791536b146.png
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fae0836-a888-409d-9ad4-e4791536b146.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8a37f8d46e8ab1478a0347c1de2d647
4547e54e620a8f45bd76d55f78eb05d5ad175f1f
176804e5630d33ded9d117504d63dbb718c8e682afdf8cbc18390d0f25790a80
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fae0836-a888-409d-9ad4-e4791536b146.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9531
x-amzn-requestid: 18053309-6970-4993-92b2-1c567542baa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL4N2EoNoAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a0be-5030fcc056a4cd26341f1bcd;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M-JtEYOFV8yssEu0dxlrDPoY_BSlARR3Pu8lfC3dYV4sL_Xg_wYAdA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:43 GMT
etag: "4547e54e620a8f45bd76d55f78eb05d5ad175f1f"
content-type: image/jpeg
age: 17477
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 978a4b33-aded-49d7-a4a8-2ff5ee894b02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0Oh0EhpIAMFyYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab2ad8-485bd7767c2ad3756ae98e7d;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 17:26:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtbwxgXLwldY3D9Nz1tDdCzdwiOEJoAUANE_YSyIsBLwQI4pRmrlpQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 03:33:06 GMT
age: 83334
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36836a00-5089-401d-9a69-e25230099d0a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36836a00-5089-401d-9a69-e25230099d0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cb033e4a3035a49677a810f764021597
a76b2ab1c4b33be2244cc4e81ee56b95d9ddc860
fa816b99c77b4c1ac27153355574d7a4fbdc1a43ac8417bdfd45004fb54b878a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36836a00-5089-401d-9a69-e25230099d0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6861
x-amzn-requestid: eb43b3e5-316e-4fa0-b6a7-696e747a4e6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3IuGQFoAMFwbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49f04-3d752ea257c839dc59e5b803;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WrCm8Xxp2Rt3nAx0N3XN0KAetKaWuoPyN2s9FmYo1XDJ2YI4g9TTEQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:10:14 GMT
age: 16306
etag: "a76b2ab1c4b33be2244cc4e81ee56b95d9ddc860"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 86e9b87e95b9f0c230fecf8ab0c19496
2048ccc891d0382c9dbb59aca0ef05392b4bc0b6
69d457c7537f8fca84008fd829b4e0a7f9f870147550f33174a4634ee70163d0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 03 Jan 2023 08:35:09 GMT
Expires: Wed, 04 Jan 2023 08:35:09 GMT
ETag: "2048ccc891d0382c9dbb59aca0ef05392b4bc0b6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dimg04.c-ctrip.com/images/0106312000a9q6p3x8294.gif?proc=autoorient
104.110.17.24200 OK 159 kB URL HTTP/2 dimg04.c-ctrip.com/images/0106312000a9q6p3x8294.gif?proc=autoorient
IP 104.110.17.24:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 159 kB (158847 bytes)
Hash a497c1ae73df54fe08463b3342b8d1d0
73ce4da38e2826e033444992cff2a827eb474c97
e9f7f7dc820dc334c1cf0e7ccb151c7483c7a64cc7c28f50de03fa2f65c34957
GET /images/0106312000a9q6p3x8294.gif?proc=autoorient HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 158847
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=5811410
expires: Sun, 12 Mar 2023 08:58:50 GMT
date: Wed, 04 Jan 2023 02:42:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 86e9b87e95b9f0c230fecf8ab0c19496
2048ccc891d0382c9dbb59aca0ef05392b4bc0b6
69d457c7537f8fca84008fd829b4e0a7f9f870147550f33174a4634ee70163d0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 03 Jan 2023 08:35:09 GMT
Expires: Wed, 04 Jan 2023 08:35:09 GMT
ETag: "2048ccc891d0382c9dbb59aca0ef05392b4bc0b6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 86e9b87e95b9f0c230fecf8ab0c19496
2048ccc891d0382c9dbb59aca0ef05392b4bc0b6
69d457c7537f8fca84008fd829b4e0a7f9f870147550f33174a4634ee70163d0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 03 Jan 2023 08:35:09 GMT
Expires: Wed, 04 Jan 2023 08:35:09 GMT
ETag: "2048ccc891d0382c9dbb59aca0ef05392b4bc0b6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 86e9b87e95b9f0c230fecf8ab0c19496
2048ccc891d0382c9dbb59aca0ef05392b4bc0b6
69d457c7537f8fca84008fd829b4e0a7f9f870147550f33174a4634ee70163d0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 04 Jan 2023 02:42:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 03 Jan 2023 08:35:09 GMT
Expires: Wed, 04 Jan 2023 08:35:09 GMT
ETag: "2048ccc891d0382c9dbb59aca0ef05392b4bc0b6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 01a50f3c2b8ba7d6909844d1d05a3144
463183fa71af76adf1954bcf8e833f1a46897120
6714f18a085c69e5c2fe3dccace3dd1051e1f0d917cf184de3f1c22f86390a64
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 01:10:44 GMT
Expires: Wed, 11 Jan 2023 01:10:43 GMT
Etag: "463183fa71af76adf1954bcf8e833f1a46897120"
Cache-Control: max-age=598721,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78409e565f370afe-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0357b60bac9d7afe7a3f8a2bd91e7b2a
d53e19e1a54acaa90cbfead705781e7947146cee
3b75144db63d3d4608f4f81a20cd926c14d8d3e2b62b88aafc3db9517213a222
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 22:05:45 GMT
Expires: Tue, 10 Jan 2023 22:05:44 GMT
Etag: "d53e19e1a54acaa90cbfead705781e7947146cee"
Cache-Control: max-age=587622,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78409e5678e0b503-OSL
tpkj3333.com/img/k80m/obG0H52JR.gif
66.203.157.56200 OK 21 kB URL HTTP/1.1 tpkj3333.com/img/k80m/obG0H52JR.gif
IP 66.203.157.56:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 200 x 200\012- data
Hash 8c81abe2c6a866851673679ed7424e30
7dd02334e6a06362edd6cfe693da9d963930d8a3
53f74caa2b2fd9c8572c07d46dff670b2386da9833791df6cd34ed1b4547a41a
GET /img/k80m/obG0H52JR.gif HTTP/1.1
Host: tpkj3333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:01 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"21152-1671636756000"
Last-Modified: Wed, 21 Dec 2022 15:32:36 GMT
Expires: Thu, 19 Jan 2023 02:42:01 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
tpkj3333.com/img/k80m/obGVgwik5.gif
66.203.157.56200 OK 94 kB URL HTTP/1.1 tpkj3333.com/img/k80m/obGVgwik5.gif
IP 66.203.157.56:0
ASN #59371 Dimension Network & Communication Limited
File type GIF image data, version 89a, 960 x 80\012- data
Hash db6cbc295f77db52b525875384867503
e693f8a3cad89acf39afc42ef20db1e347b8ea66
a90792768722fc64366ca017ec210b53cae229393c9a9209d18f8d322a7dc727
GET /img/k80m/obGVgwik5.gif HTTP/1.1
Host: tpkj3333.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 04 Jan 2023 02:42:01 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"321131-1671636520000"
Last-Modified: Wed, 21 Dec 2022 15:28:40 GMT
Expires: Thu, 19 Jan 2023 02:42:01 GMT
Cache-Control: max-age=1296000
Content-Encoding: gzip
Nginx-Cache: HIT, HIT
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 0e1e6e7acb8bf5710fd507a822824231
6212ee101b077268221c5fd64012a070a84ab955
6380c8aa1ec272e021dcbbe73c247fe7f36a4e4322e33f7778dba377e92b8c4f
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:02 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 22:55:58 GMT
Expires: Sat, 07 Jan 2023 22:55:57 GMT
Etag: "6212ee101b077268221c5fd64012a070a84ab955"
Cache-Control: max-age=331434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78409e5aee891c02-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 4e43aa233cf229ffb204f461ec43d883
d8b9683fde81caf3a231de81045c4d208a6d268e
9cc5632f01e85d7e5789f2bae8b3ac919be4e269b7703be5af8ea02e3d867d53
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:02 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 03 Jan 2023 19:03:57 GMT
Expires: Tue, 10 Jan 2023 19:03:56 GMT
Etag: "d8b9683fde81caf3a231de81045c4d208a6d268e"
Cache-Control: max-age=576713,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78409e5aee7cfabc-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 0e1e6e7acb8bf5710fd507a822824231
6212ee101b077268221c5fd64012a070a84ab955
6380c8aa1ec272e021dcbbe73c247fe7f36a4e4322e33f7778dba377e92b8c4f
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:02 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 31 Dec 2022 22:55:58 GMT
Expires: Sat, 07 Jan 2023 22:55:57 GMT
Etag: "6212ee101b077268221c5fd64012a070a84ab955"
Cache-Control: max-age=331434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78409e5ae954b51b-OSL
taiwtp1.com/xin/200200sas.gif
220.128.218.220200 OK 694 kB URL HTTP/2 taiwtp1.com/xin/200200sas.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 200 x 200\012- data
Size 694 kB (693471 bytes)
Hash e6ff7b0afb00d39bca2032b100e871ec
f3da5b9bd4d1769ed482bf6f23c3b05ded824d63
41d7266ed35337d77b04bad32c7ec3c4b44e7a1707f6c6f21c8e6bc4c9f3f252
GET /xin/200200sas.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 02:35:17 GMT
content-type: image/gif
content-length: 693471
last-modified: Sat, 26 Nov 2022 10:45:28 GMT
etag: "6381ee48-a94df"
expires: Fri, 03 Feb 2023 02:35:17 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b6cba4c2c68af37d4720cb33c76c7a1f
fd56e9ffbd0df2ca3e8a9ae5ce9d9b536f4fdbc0
e11c6b367642f322826ad5962d76dbd0a1bfebf291737d68d2f811e52a85aa8b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 04:33:41 GMT
Expires: Sun, 08 Jan 2023 04:33:40 GMT
Etag: "fd56e9ffbd0df2ca3e8a9ae5ce9d9b536f4fdbc0"
Cache-Control: max-age=351697,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78409e5b1aa9b503-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b6cba4c2c68af37d4720cb33c76c7a1f
fd56e9ffbd0df2ca3e8a9ae5ce9d9b536f4fdbc0
e11c6b367642f322826ad5962d76dbd0a1bfebf291737d68d2f811e52a85aa8b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 04:33:41 GMT
Expires: Sun, 08 Jan 2023 04:33:40 GMT
Etag: "fd56e9ffbd0df2ca3e8a9ae5ce9d9b536f4fdbc0"
Cache-Control: max-age=351697,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78409e5b18650afe-OSL
339282bdb.com/046e0c94385c4bd7a0e5c05aa352ccde.gif
103.170.15.98200 OK 482 kB URL HTTP/1.1 339282bdb.com/046e0c94385c4bd7a0e5c05aa352ccde.gif
IP 103.170.15.98:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 240\012- data
Size 482 kB (481921 bytes)
Hash 4037a5a78e09ecffd1f2e6e8b1443640
a9941527f1d96525d23135df17c9318051ab45d9
8ef76b81c89c852ee0cba956557bd269ea3e887f9b0ddc47f6643679cb23ac54
Analyzer Verdict Alert quad9 Sinkholed
GET /046e0c94385c4bd7a0e5c05aa352ccde.gif HTTP/1.1
Host: 339282bdb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63a6f9cc-75a81"
Date: Mon, 26 Dec 2022 13:43:31 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 24 Dec 2022 13:08:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-28
Content-Length: 481921
99997aaa.com/b25b4cb3f3b6410e865d80ab3ac7251a.gif
45.61.212.119200 OK 748 kB URL HTTP/1.1 99997aaa.com/b25b4cb3f3b6410e865d80ab3ac7251a.gif
IP 45.61.212.119:0
File type GIF image data, version 89a, 750 x 120\012- data
Size 748 kB (748166 bytes)
Hash dc16c165d9da37bf4a9e9596a765425c
824e5729161352cd5f7b57faea8a32c54d35b410
4abb336ff1a1a08dc2963b708638359da654fadaf843669e4406d6ab348b4608
Analyzer Verdict Alert quad9 Sinkholed
GET /b25b4cb3f3b6410e865d80ab3ac7251a.gif HTTP/1.1
Host: 99997aaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6374b813-b6a86"
Date: Tue, 27 Dec 2022 14:42:56 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Wed, 16 Nov 2022 10:14:43 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-19
Content-Length: 748166
8499132.com/8499/150x150.gif
172.247.109.216200 OK 185 kB URL HTTP/2 8499132.com/8499/150x150.gif
IP 172.247.109.216:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 185 kB (185171 bytes)
Hash 09b278a0ce767cdcdc3b9be868a94320
b69d4a2345f4d5ae6cc772a70456ea7aea74ce95
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
GET /8499/150x150.gif HTTP/1.1
Host: 8499132.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 02:42:02 GMT
content-type: image/gif
content-length: 185171
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
etag: "2d353-5f0e00094173c"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a1acbfc766a67c23d3005f6229a45f66
5b035cd73d13024d063dd592b444975a7d7035f3
24096dba7d00ee8afd059ba8d1727cd2d169bc3602b4223cdcbc943d87611d89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 08 Jan 2023 01:45:11 GMT
ETag: "5b035cd73d13024d063dd592b444975a7d7035f3"
Last-Modified: Wed, 04 Jan 2023 01:45:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78409e5f9889b505-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a1acbfc766a67c23d3005f6229a45f66
5b035cd73d13024d063dd592b444975a7d7035f3
24096dba7d00ee8afd059ba8d1727cd2d169bc3602b4223cdcbc943d87611d89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 08 Jan 2023 01:45:11 GMT
ETag: "5b035cd73d13024d063dd592b444975a7d7035f3"
Last-Modified: Wed, 04 Jan 2023 01:45:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78409e5f9ad7b4ee-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a1acbfc766a67c23d3005f6229a45f66
5b035cd73d13024d063dd592b444975a7d7035f3
24096dba7d00ee8afd059ba8d1727cd2d169bc3602b4223cdcbc943d87611d89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 08 Jan 2023 01:45:11 GMT
ETag: "5b035cd73d13024d063dd592b444975a7d7035f3"
Last-Modified: Wed, 04 Jan 2023 01:45:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78409e5f9fecb517-OSL
935676yfc.com/c4077fc5c633479ab52a91aaabf88297.gif
103.170.15.103200 OK 229 kB URL HTTP/1.1 935676yfc.com/c4077fc5c633479ab52a91aaabf88297.gif
IP 103.170.15.103:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 240\012- data
Size 229 kB (229133 bytes)
Hash 05361b2fb60ed9d264c7b3bd32307bd6
5c7cb284577c466e0c1554bab0fb8a296174e469
239a8854957af253497747d41c73282a686b7936453a8e3920b83ac4cfdbf147
GET /c4077fc5c633479ab52a91aaabf88297.gif HTTP/1.1
Host: 935676yfc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6395a827-37f0d"
Date: Sat, 24 Dec 2022 08:12:12 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 11 Dec 2022 09:51:35 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 229133
8499159.com/8499/zzxx/960x120.gif
23.225.237.36200 OK 354 kB URL HTTP/2 8499159.com/8499/zzxx/960x120.gif
IP 23.225.237.36:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 354 kB (354036 bytes)
Hash 2d6d5452643b03b38c6f14f6306a0079
9e50430b6c7a04abfd8bdbc43dbf00a0595aa78f
1cc8767e7b27b286a7268e16ea46bd799c3ca8b06f79cb675e55a4375497845c
GET /8499/zzxx/960x120.gif HTTP/1.1
Host: 8499159.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 02:42:02 GMT
content-type: image/gif
content-length: 354036
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
etag: "566f4-5f092cf095cff"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
8499132.com/8499/yb150X150.gif
172.247.109.216200 OK 172 kB URL HTTP/2 8499132.com/8499/yb150X150.gif
IP 172.247.109.216:0
File type GIF image data, version 89a, 150 x 150\012- data
Size 172 kB (171916 bytes)
Hash a0c8602be33e9ee8e539c095dd060e74
c1e775b710cb7e59527b5638552a912ec9b68efd
987e2ce42d672d16270eb36654e33cbb112e8f9631a7cde7b8e10db8cb5ecdc3
GET /8499/yb150X150.gif HTTP/1.1
Host: 8499132.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 02:42:02 GMT
content-type: image/gif
content-length: 171916
last-modified: Sun, 18 Dec 2022 07:40:57 GMT
etag: "29f8c-5f01552c48972"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 806b04d304c284bce3f31960a7623eaf
ab9d7d4a92ee482f914d0f5708c074023eea00f3
d6d09078cfa907ad5d579eda04513e93164a80dbb140a45086a622f6e98cc0cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D6D09078CFA907AD5D579EDA04513E93164A80DBB140A45086A622F6E98CC0CF"
Last-Modified: Sun, 01 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3826
Expires: Wed, 04 Jan 2023 03:45:49 GMT
Date: Wed, 04 Jan 2023 02:42:03 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a1acbfc766a67c23d3005f6229a45f66
5b035cd73d13024d063dd592b444975a7d7035f3
24096dba7d00ee8afd059ba8d1727cd2d169bc3602b4223cdcbc943d87611d89
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 02:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 08 Jan 2023 01:45:11 GMT
ETag: "5b035cd73d13024d063dd592b444975a7d7035f3"
Last-Modified: Wed, 04 Jan 2023 01:45:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78409e60bf9d1bfa-OSL
935676yfc.com/82496202cb2c4e56ba49b0c254343bd0.gif
103.170.15.103200 OK 1.0 MB URL HTTP/1.1 935676yfc.com/82496202cb2c4e56ba49b0c254343bd0.gif
IP 103.170.15.103:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.0 MB (1003281 bytes)
Hash daa7b1bac9f2a8b6e384971154f11753
62d445160534e04d36369efdcbb24a34223bda95
e603d6c689670c7a0f72a8c341b64aa06965479f543e2a170c1b73f9f67c26dc
GET /82496202cb2c4e56ba49b0c254343bd0.gif HTTP/1.1
Host: 935676yfc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "6370b512-f4f11"
Date: Fri, 02 Dec 2022 11:03:43 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sun, 13 Nov 2022 09:12:50 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-33
Content-Length: 1003281
ky.lvcfgus.cn/960X80.gif
218.66.171.198200 OK 334 kB IP 218.66.171.198:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 334 kB (333835 bytes)
Hash 9bda367b284938fd826380119ede7fc2
9d8593ffcbd9b1d76df01d5d56f0470e7ee8ea1a
3d0b1ac24ba2b9b8e5386571980f8421a7881a34d8c38753f2dcbd1b7fc96174
GET /960X80.gif HTTP/1.1
Host: ky.lvcfgus.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: NgxFence
date: Wed, 04 Jan 2023 02:42:03 GMT
content-type: image/gif
content-length: 333835
x-oss-request-id: 63A4A4F21F8563343797FECA
etag: "9BDA367B284938FD826380119EDE7FC2"
last-modified: Tue, 29 Nov 2022 08:28:09 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11817855677551308811
x-oss-storage-class: Standard
x-oss-server-side-encryption: AES256
content-md5: m9o2eyhJOP2CY4ARnt5/wg==
x-oss-server-time: 1
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
121.226.246.3200 OK 1.4 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.4 MB (1368366 bytes)
Hash e2d39c8f7400e280a030d2973e264a40
aaae77607041010aaee190544bdbe9591a87d1f8
8c03d26da39edc9f28d4af8e91b1adefe9fdccff142178da3110a15bacf08134
GET /ott/jfs/t1/100541/13/34425/1368366/6380d2c7E557223e9/c7ab328a6bf1c202.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 02:42:03 GMT
content-type: image/gif
content-length: 1368366
cache-control: max-age=15552000
expires: Sun, 02 Jul 2023 11:53:14 GMT
last-modified: Fri, 25 Nov 2022 14:35:51 GMT
age: 53329
via: http/1.1 ORI-CLOUD-HUZ-MIX-22 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672746794602-0-0-15-62-62;200;200-1672766335883-0-0-0-6-6;200-1672800123199-0-0-0-1-1
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/80056/13/23978/1794526/6380cf4bE3ee349b4/878b8675d409ca7f.gif
121.226.246.3200 OK 1.8 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/80056/13/23978/1794526/6380cf4bE3ee349b4/878b8675d409ca7f.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 240\012- data
Size 1.8 MB (1794526 bytes)
Hash c345c325b2dd601744e2fdf749337f8e
dd3274e216acb47a17b211ad0a14a84ed72322c4
01e6d867c83b80e6e0dcacb7c4d09ea7118bb3cce0e8bf20457a54f3e172777e
GET /ott/jfs/t1/80056/13/23978/1794526/6380cf4bE3ee349b4/878b8675d409ca7f.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 02:42:03 GMT
content-type: image/gif
content-length: 1794526
cache-control: max-age=15552000
expires: Sun, 02 Jul 2023 02:49:20 GMT
last-modified: Fri, 25 Nov 2022 14:20:59 GMT
age: 85964
via: http/1.1 ORI-CLOUD-HUZ-MIX-15 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-11 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672714159966-0-0-14-67-67;200;200-1672788818691-0-0-0-5-5;200-1672800123201-0-0-0-2-2
X-Firefox-Spdy: h2
kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
121.226.246.3200 OK 1.4 MB URL HTTP/2 kjimg10.360buyimg.com/ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif
IP 121.226.246.3:0
File type GIF image data, version 89a, 960 x 80\012- data
Size 1.4 MB (1411145 bytes)
Hash 3e2a08c45f216f23995e08dc45ed0e86
c9390027ee4885cb509d8b2ad37d6daa9698631e
ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f
GET /ott/jfs/t1/46182/9/21860/1411145/63819a6eEcb8ec547/ae47a05d2165a957.gif HTTP/1.1
Host: kjimg10.360buyimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdctg0.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 02:42:03 GMT
content-type: image/gif
content-length: 1411145
cache-control: max-age=15552000
expires: Wed, 28 Jun 2023 11:07:55 GMT
last-modified: Sat, 26 Nov 2022 04:47:42 GMT
age: 401649
via: http/1.1 ORI-CLOUD-HUZ-MIX-15 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-18 (jcs [cRs f ])
access-control-allow-origin: *
timing-allow-origin: *
x-trace: 200-1672398474986-0-0-0-97-97;200;200-1672630158155-0-0-0-8-8;200-1672800123214-0-0-0-1-1
X-Firefox-Spdy: h2