jp.ldplayer.net/apps/com-snowcorp-epik-on-pc.html
54.230.111.18301 Moved Permanently 167 B URL HTTP/1.1 jp.ldplayer.net/apps/com-snowcorp-epik-on-pc.html
IP 54.230.111.18:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /apps/com-snowcorp-epik-on-pc.html HTTP/1.1
Host: jp.ldplayer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 26 Nov 2022 04:42:28 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://jp.ldplayer.net/apps/com-snowcorp-epik-on-pc.html
X-Cache: Redirect from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: tRgcbqNWPmMEwSClLP8Q8AghZwLN9-IOQpcOkXMXLq16JfUK7S6gsw==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2340
Expires: Sat, 26 Nov 2022 05:21:29 GMT
Date: Sat, 26 Nov 2022 04:42:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4794
Cache-Control: max-age=112119
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:29 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:51:08 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4720
Expires: Sat, 26 Nov 2022 06:01:09 GMT
Date: Sat, 26 Nov 2022 04:42:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 04:17:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1499
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: I5C9f/Ne9iyhYY+XpgI8MorYwgDQ1B3s3QRooWgxWUeSdX855fLcc/boMNn4dYwxIJc7xQ0MyJ8=
x-amz-request-id: NJM9B5A1BF1CZCER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 04:41:04 GMT
age: 85
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4c983aaa80f67b9c2b63a9f9f0633da0
c8a50d39729ae612088d8b4a790ccc6743860fc3
d11b2448dcada1b07fe6cf690e260869c7cddba027b78b370ef4336ad8639c51
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140080
Date: Sat, 26 Nov 2022 04:42:29 GMT
Etag: "63811965-1d7"
Expires: Sun, 27 Nov 2022 19:37:09 GMT
Last-Modified: Fri, 25 Nov 2022 19:37:09 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PXaP-MbXWS-4ql0tjzZpb1D59uDzvB6r5RKHLmdliu-73Hv53n_JNg==
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 04:42:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 1878
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 4c983aaa80f67b9c2b63a9f9f0633da0
c8a50d39729ae612088d8b4a790ccc6743860fc3
d11b2448dcada1b07fe6cf690e260869c7cddba027b78b370ef4336ad8639c51
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140080
Date: Sat, 26 Nov 2022 04:42:29 GMT
Etag: "63811965-1d7"
Expires: Sun, 27 Nov 2022 19:37:09 GMT
Last-Modified: Fri, 25 Nov 2022 19:37:09 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z-M6xcKy_lYlPVUEPJmoQBdXivuPfpw9ltBOsNQxKIkrEc78JyVdmg==
Age: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5004
Cache-Control: max-age=107266
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:29 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:30:15 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
encdn.ldmnq.com/gw/assets/images/05/gw-new/next-icon.png
54.230.111.38200 OK 171 B URL HTTP/2 encdn.ldmnq.com/gw/assets/images/05/gw-new/next-icon.png
IP 54.230.111.38:0
File type PNG image data, 11 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 223b3bca060f60ed996b7577947c8215
bcfd66813b950f79734fc5b9e72d74d83ee4663f
d3b6cb89347c29fdb61545172403ca507a1f9a6348648efd54e38f9375658898
GET /gw/assets/images/05/gw-new/next-icon.png HTTP/1.1
Host: encdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 171
server: AliyunOSS
x-oss-request-id: 637E72C3700FB1393374DA43
accept-ranges: bytes
last-modified: Wed, 23 Sep 2020 08:44:20 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9621270581342172303
x-oss-storage-class: Standard
content-md5: Ijs7ygYPYO2Za3V3lHyCFQ==
x-oss-server-time: 1
date: Fri, 25 Nov 2022 19:22:29 GMT
etag: "223B3BCA060F60ED996B7577947C8215"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AVdmZpbPUGnzAa-UJvzeFRzoHkamAGujIzuwBr9PqmTw031B597JvQ==
age: 33647
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fee88c19379e9c0c3cfc0c627a2017a5
c24c3e5d5ec9094774125568ea591faff13fbdd1
85f437eefdfe146c0dfa7106236028fd408fe7bbf8c7ca0b23e80bc22cbbea98
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152761
Date: Sat, 26 Nov 2022 04:42:29 GMT
Etag: "63813561-1d7"
Expires: Sun, 27 Nov 2022 23:08:30 GMT
Last-Modified: Fri, 25 Nov 2022 21:36:33 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D9c1SqSRab1k8VoJEDI8Hkpo5iL2HbncqpBoAHZshok9TjlH_hDoDQ==
Age: 5517
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash ba8fc52da846db3867552f6651b2d4bf
379c95a2c85e00992bbe43770dc88ae990729ca0
5b3a50b4265437b8ef6be6a380b4d80ab8aa29e463d5118aff8e5aa384fc6d14
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 04:42:29 GMT
expires: Sat, 26 Nov 2022 04:42:29 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5904398351157784791
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/small-flash.c3f5d03.png
143.204.55.63200 OK 5.8 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/small-flash.c3f5d03.png
IP 143.204.55.63:0
File type PNG image data, 73 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 715db62656890aa666f13ac3d885a9c3
72b3f5b8e3741a22a3cb182972f7b41f8eefa3b6
6a6df6fe5aaa5c369c636843224dfc70233fe476f1d1d9e7335101b8a4f64bdb
GET /gw/static/ld_gw/client/img/small-flash.c3f5d03.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5845
server: AliyunOSS
x-oss-request-id: 636C598722435B393500B0A5
accept-ranges: bytes
last-modified: Wed, 09 Nov 2022 10:20:57 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9832539087897576902
x-oss-storage-class: Standard
content-md5: cV22JlaJCqZm8TrD2IWpww==
x-oss-server-time: 2
date: Sat, 26 Nov 2022 01:56:16 GMT
etag: "715DB62656890AA666F13AC3D885A9C3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uSA00SmPp2yuHON5v3XgKv5oF2WDxAT6ECR9wqkw4BVoDkgZkDMSQQ==
age: 9973
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fc25e80c054d3d44a80695a2cc18a31b
935645e8094047823f6a24d9ddd3d768f7f3e1f7
5165e3851f3bf6f1c9fdd5e70b1c8a11d4de682fbdba272e8af45b39ad7ec36c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158652
Date: Sat, 26 Nov 2022 04:42:29 GMT
Etag: "63814d77-1d7"
Expires: Mon, 28 Nov 2022 00:46:41 GMT
Last-Modified: Fri, 25 Nov 2022 23:19:19 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HMspiFm7Z8n_T3-jUDRJwPbPR9_r6V84wYBuX0qP8riopXO29g8heA==
Age: 5242
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/logo.ce317ad.png
143.204.55.63200 OK 2.5 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/logo.ce317ad.png
IP 143.204.55.63:0
File type PNG image data, 194 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 126bd80b9d0ab69eb812c229604ddd9e
e6bb089337bfd8023720b4c44fe7569a4151fe7f
e13300ff194f3b144d36462402fbf56415dac7eb6c3ccca67e7c1dbc68993fbb
GET /gw/static/ld_gw/client/img/logo.ce317ad.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2498
server: AliyunOSS
x-oss-request-id: 637042057CC77538312C5294
accept-ranges: bytes
last-modified: Fri, 11 Nov 2022 10:42:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10728839309070377095
x-oss-storage-class: Standard
content-md5: EmvYC50Ktp64EsIpYE3dng==
x-oss-server-time: 2
date: Sat, 26 Nov 2022 01:02:35 GMT
etag: "126BD80B9D0AB69EB812C229604DDD9E"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: q66UDqxi4jZcxoI0MpVIu8WPNsvDxXxyM8yfSqH0sKZ5g5Ud_-QeAA==
age: 13194
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/arrows-icon.80618ab.png
143.204.55.63200 OK 1.1 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/arrows-icon.80618ab.png
IP 143.204.55.63:0
File type PNG image data, 9 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash aa5e9b20ddaa2220782db9cda6c2b4fa
9c457cfe20c21efa385be71affa74692d2133ebe
b50a4c4d8006dede32ea436d891191993cb43dd27ae444f7192fb91441a8580e
GET /gw/static/ld_gw/client/img/arrows-icon.80618ab.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1083
server: AliyunOSS
x-oss-request-id: 63718F0343F9F8383806BD99
accept-ranges: bytes
last-modified: Sun, 13 Nov 2022 05:24:29 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17405699561455664436
x-oss-storage-class: Standard
content-md5: ql6bIN2qIiB4LbnNpsK0+g==
x-oss-server-time: 3
date: Sat, 26 Nov 2022 00:45:08 GMT
etag: "AA5E9B20DDAA2220782DB9CDA6C2B4FA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: k-LDU35dz5cEbgT-5lwo1Pm-EvMKziaM447CkuIgxb9qO9ZH3sptpQ==
age: 14241
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-2.ea0059b.png
143.204.55.63200 OK 1.1 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-2.ea0059b.png
IP 143.204.55.63:0
File type PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 30552e12c76ba3f5df39051b8a3b97ed
3c9554b5cb9de9a108d6c10a1889a108f6ed0bda
a43fca718a3f29d6c5817925ba0df5c686779c3cc6fc35a455ac6d15a2511476
GET /gw/static/ld_gw/client/img/video-icon-2.ea0059b.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1140
server: AliyunOSS
x-oss-request-id: 63706E3E22435B3033157DCE
accept-ranges: bytes
last-modified: Fri, 11 Nov 2022 10:42:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8983550354238885516
x-oss-storage-class: Standard
content-md5: MFUuEsdro/XfOQUbijuX7Q==
x-oss-server-time: 2
date: Sat, 26 Nov 2022 04:13:36 GMT
etag: "30552E12C76BA3F5DF39051B8A3B97ED"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: L4mq4UPrP7prdwA_uFeoYC5SlrDnw6Si_ynXgos76J2ZdCVU5Icflg==
age: 1733
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/arrows-r-icon.7cdc7e0.png
143.204.55.63200 OK 1.1 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/arrows-r-icon.7cdc7e0.png
IP 143.204.55.63:0
File type PNG image data, 9 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash d26c333005f0048e2f81a4568b81f8bc
601292ef548ac0914c2e6f42c96708b5894aac20
5511e4be4cbd2400db6b62d3247ed5a64a6c75205ccc5a31cfbf33172e162bde
GET /gw/static/ld_gw/client/img/arrows-r-icon.7cdc7e0.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1114
server: AliyunOSS
date: Sat, 26 Nov 2022 02:10:52 GMT
x-oss-request-id: 638175AC5676773631A09555
accept-ranges: bytes
etag: "D26C333005F0048E2F81A4568B81F8BC"
last-modified: Fri, 25 Nov 2022 11:10:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16156252762771723240
x-oss-storage-class: Standard
content-md5: 0mwzMAXwBI4vgaRWi4H4vA==
x-oss-server-time: 2
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u8uuoqwWZ07ewR6R4un-71f_3_yXfTkrXm5ghQrwSyl_pUXN9blg5w==
age: 9097
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/floor-jump-bg.3f5fc52.png
143.204.55.63200 OK 28 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/floor-jump-bg.3f5fc52.png
IP 143.204.55.63:0
File type PNG image data, 126 x 159, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d26bf01e51872330e4ab0e4eb732f4b
7032715a71dca79f86ba244485cb22a76f2eb34c
1d8b44b2c5eb04e7e7e2b859bcc9f213c6e9581638168f7d6fd86380a9b35d40
GET /gw/static/ld_gw/client/img/floor-jump-bg.3f5fc52.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 28101
server: AliyunOSS
x-oss-request-id: 63704894700FB13530F471FE
accept-ranges: bytes
last-modified: Fri, 11 Nov 2022 10:42:19 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2023985084404361241
x-oss-storage-class: Standard
content-md5: LSa/AeUYcjMOSrDk63MvSw==
x-oss-server-time: 3
date: Sat, 26 Nov 2022 01:31:35 GMT
etag: "2D26BF01E51872330E4AB0E4EB732F4B"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Cmqk_1jz7ofnSoyCzNd_aD28nxbudbIej90Qs7HDdDfpeOHffXjXvA==
age: 11454
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/footer-logo.568397a.png
143.204.55.63200 OK 4.0 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/footer-logo.568397a.png
IP 143.204.55.63:0
File type PNG image data, 400 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f967c184731e82fdacd50bbeba6e4b1
720c4eac5a1d277b2054faae9b29f1e7ee789a78
e4cd0cf7fff7a2798cf2cdcadde4ad4512a0259451956e7318374dc0ce09a2f2
GET /gw/static/ld_gw/client/img/footer-logo.568397a.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3975
server: AliyunOSS
x-oss-request-id: 637038A936F90D373713FB8C
accept-ranges: bytes
last-modified: Fri, 11 Nov 2022 10:42:20 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14465316945949382965
x-oss-storage-class: Standard
content-md5: T5Z8GEcx6C/azVC766bksQ==
x-oss-server-time: 1
date: Sat, 26 Nov 2022 00:22:49 GMT
etag: "4F967C184731E82FDACD50BBEBA6E4B1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Xl5aPBw1kBTpQgvE_6-LKCVUCxtnO7YCuTkx7YESffCE3RTnQsUzPw==
age: 15580
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-3.f058df2.png
143.204.55.63200 OK 1.2 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/img/video-icon-3.f058df2.png
IP 143.204.55.63:0
File type PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e9fe5d04e58de387c43d3bfb342a3ca
3af27cbae811055f318d70fbf51c17c9058a4ab3
0aac002679cc94de90bce1b283fc4a89647ca95badc0ae151138734cd81b7902
GET /gw/static/ld_gw/client/img/video-icon-3.f058df2.png HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1160
server: AliyunOSS
x-oss-request-id: 6374408A75AAC5343351A3DA
accept-ranges: bytes
last-modified: Tue, 15 Nov 2022 10:28:12 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12458122828357538856
x-oss-storage-class: Standard
content-md5: Tp/l0E5Y3jh8Q9O/s0Kjyg==
x-oss-server-time: 2
date: Sat, 26 Nov 2022 01:46:42 GMT
etag: "4E9FE5D04E58DE387C43D3BFB342A3CA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LqOCg6Uz9--vcddAqDCOEpnvbfYdDB_kAWpSE0K3xttjK5VjDH4QEg==
age: 10547
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fc25e80c054d3d44a80695a2cc18a31b
935645e8094047823f6a24d9ddd3d768f7f3e1f7
5165e3851f3bf6f1c9fdd5e70b1c8a11d4de682fbdba272e8af45b39ad7ec36c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159194
Date: Sat, 26 Nov 2022 04:42:30 GMT
Etag: "63814d77-1d7"
Expires: Mon, 28 Nov 2022 00:55:44 GMT
Last-Modified: Fri, 25 Nov 2022 23:19:19 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XuWL8smuIyx_4Kx-eW3wRxryrKjXgi3xdEkOqrAL0O9OiQi3vKXgcQ==
Age: 5785
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.2200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 25 Nov 2022 10:25:42 GMT
expires: Fri, 09 Dec 2022 10:25:42 GMT
cache-control: public, max-age=1209600
age: 65808
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.167.231.108101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.231.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y7eVa0a+qo/fjLrwWBEhog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FcNFT94BA/JE+iY5kO67KWB5m2M=
encdn00.ldmnq.com/gw/assets/images/05/aside/twitter-icon.png
54.230.111.38200 OK 3.1 kB URL HTTP/2 encdn00.ldmnq.com/gw/assets/images/05/aside/twitter-icon.png
IP 54.230.111.38:0
File type PNG image data, 85 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash ab8ef36bd0e404caba47dfb568157778
13036659c28f0c4de94129e536c1de778e9dffa9
f913fb5cdac37c1a0e7b892d91c77f34674605399cc577ccea18a25aa076939b
GET /gw/assets/images/05/aside/twitter-icon.png HTTP/1.1
Host: encdn00.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3120
server: AliyunOSS
x-oss-request-id: 636B302A0900E63837D64AE8
accept-ranges: bytes
last-modified: Tue, 19 May 2020 07:02:04 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17541682917730283414
x-oss-storage-class: Standard
content-md5: q47za9DkBMq6R9+1aBV3eA==
x-oss-server-time: 3
date: Sat, 26 Nov 2022 04:42:30 GMT
etag: "AB8EF36BD0E404CABA47DFB568157778"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jl7v6Vvf_hVPF6jqi7qO8wOs5cXiWFaAoVctXlgJEJiTOBE933oz_w==
age: 80762
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
encdn00.ldmnq.com/gw/static/video/video.min.js
54.230.111.38200 OK 110 kB URL HTTP/2 encdn00.ldmnq.com/gw/static/video/video.min.js
IP 54.230.111.38:0
Size 110 kB (110047 bytes)
Hash 47bd56556cb31d7b970fb4ee33910fd5
ef724c1083765bd57e27c4fccef1b2e4bbf94af1
21d1850585b1d8a0ce4d3c38b15f9f5bb065bccc9486600302470da45d3c9f84
GET /gw/static/video/video.min.js HTTP/1.1
Host: encdn00.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
x-oss-request-id: 636C5A9AFE67F3313692B7C4
last-modified: Wed, 12 Dec 2018 07:22:37 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5383075966015106199
x-oss-storage-class: Standard
content-md5: +U6yhOPN7ORHFHKGfg/koA==
x-oss-server-time: 6
content-encoding: gzip
date: Sat, 26 Nov 2022 02:22:17 GMT
etag: "F94EB284E3CDECE4471472867E0FE4A0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -XpgoWx9b1ehxcBlA9qBbsXMom_HvUcuE0uJvbG8EtHsh8HP1hGguA==
age: 9794
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38747da15463f664446d516ff6c83deb
5dc57c995026d19cbe06578419bea379aebe1a9c
6e7194aadd3d727a0b71953e7893dbd13e62eee79a10264c70121f38da144aec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E7194AADD3D727A0B71953E7893DBD13E62EEE79A10264C70121F38DA144AEC"
Last-Modified: Thu, 24 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3225
Expires: Sat, 26 Nov 2022 05:36:15 GMT
Date: Sat, 26 Nov 2022 04:42:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38747da15463f664446d516ff6c83deb
5dc57c995026d19cbe06578419bea379aebe1a9c
6e7194aadd3d727a0b71953e7893dbd13e62eee79a10264c70121f38da144aec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E7194AADD3D727A0B71953E7893DBD13E62EEE79A10264C70121F38DA144AEC"
Last-Modified: Thu, 24 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3225
Expires: Sat, 26 Nov 2022 05:36:15 GMT
Date: Sat, 26 Nov 2022 04:42:30 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-KKQCSK4
142.250.74.168200 OK 64 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KKQCSK4
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (7485)
Hash f7544aa3ef83d8112d8a8329842a0d4b
c9a3674778363b4441e759733e93c024f37651a3
76598f7bd1f42906294bcfb423ffbe99cb0484685a161d5e756b661bade38335
GET /gtm.js?id=GTM-KKQCSK4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 04:42:30 GMT
expires: Sat, 26 Nov 2022 04:42:30 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.profitabledisplayformat.com/watchnew?key=756e14a7d0d90095269c2540735a69e3
192.243.59.12200 OK 1.1 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?key=756e14a7d0d90095269c2540735a69e3
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7c0735ba3e2de63475553d0cb662f2dd
3cf8a73744c3ab30e13a29685836a233e943df0e
f4b810bb7803426133d8a7ad5a6143ad2c5b128d3dbcdb83400e3973a9433913
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?key=756e14a7d0d90095269c2540735a69e3 HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17883085; expires=Sun, 27 Nov 2022 04:42:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4MzA4NSwiayI6Ijc1NmUxNGE3ZDBkOTAwOTUyNjljMjU0MDczNWE2OWUzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJlaXB0aGE2cG51IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2pwLmxkcGxheWVyLm5ldC8ifX0.os5Y6R_DCyxl6P2m_kiVV2Cx8WgDrd0vevwoJOLdzVg; expires=Sat, 26 Nov 2022 04:43:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 64b890a76bcd791bd735d98255013fe6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplayformat.com/watchnew?key=8fe36cd077973311105a83ceec6b439a
192.243.59.12200 OK 1.1 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?key=8fe36cd077973311105a83ceec6b439a
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7e2b21a6c1d0938089bf4bfa90265e5e
2e75fc498f99b8d9beec60a9ac6e4ad3559ffd80
35a6f07cfe8ad134a537ede0af4c93bac3c19c4aea1ebb4a3e05bf40844358f9
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?key=8fe36cd077973311105a83ceec6b439a HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17883084; expires=Sun, 27 Nov 2022 04:42:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4MzA4NCwiayI6IjhmZTM2Y2QwNzc5NzMzMTExMDVhODNjZWVjNmI0MzlhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ2MWFlYXptanQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vanAubGRwbGF5ZXIubmV0LyJ9fQ.GD7nUeacKo3eYphphSPJfsMDrqn044vowTQfjb2Bcuk; expires=Sat, 26 Nov 2022 04:43:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a349e2ed4a2325407e114dc823d701ac
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplayformat.com/watchnew?key=72bfcf70b3f0798dca065e528fa8ffc5
192.243.59.12200 OK 1.1 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?key=72bfcf70b3f0798dca065e528fa8ffc5
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8fa114259497e19255ea94c992913a3e
5d139f7e83a3585c6265c93068d7d7d2e13d068f
0726221a0de6e3d788cbed9138f5c0c63f313a8e9a0b5f87351f615ed252af93
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?key=72bfcf70b3f0798dca065e528fa8ffc5 HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17883086; expires=Sun, 27 Nov 2022 04:42:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4MzA4NiwiayI6IjcyYmZjZjcwYjNmMDc5OGRjYTA2NWU1MjhmYThmZmM1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJnZ2F4aHZ0YyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qcC5sZHBsYXllci5uZXQvIn19.l0NhgTR0T8m7arrgSZXI749goeqpcfDzNfZH1H7tE5s; expires=Sat, 26 Nov 2022 04:43:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f6dc9de9469f80cfac9a663041a0699
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplayformat.com/watchnew?key=cf761fed0a56f93b6003a1ec14e27b3d
192.243.59.12200 OK 1.1 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?key=cf761fed0a56f93b6003a1ec14e27b3d
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 08dc9c48feea1953a427c14258738c3a
ba1d8ba0eb93278d0872cd0388bf1c2f6cbf3f81
7220315e3ceae6dec49e245416899eab199b2fccfc7e599bde233b20dd06fe38
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?key=cf761fed0a56f93b6003a1ec14e27b3d HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17882864; expires=Sun, 27 Nov 2022 04:42:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4Mjg2NCwiayI6ImNmNzYxZmVkMGE1NmY5M2I2MDAzYTFlYzE0ZTI3YjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJjYThnOXBtOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qcC5sZHBsYXllci5uZXQvIn19.e7f541206sLLmWH2aeRDFO-_idq9KQe4h6ld_puqp3M; expires=Sat, 26 Nov 2022 04:43:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 31d5498ac7b7a40dc5b400ec60d58b1d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e691756a7eaad68b37a05d81052d4625
51ae79d1a300529013b576ed5f30fd7eeb93f57d
b4057cce093dbc0c5928df15ca2dfa39a93ae1e9b9c0a2824a4bd09b8c356e75
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 26 Nov 2022 04:42:31 GMT
Last-Modified: Sat, 26 Nov 2022 03:03:23 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NM6EbENrQWIg1zFPuoIesV40Xedqt-YGmSyELKV-acV_yp11tDGORg==
Age: 5948
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e691756a7eaad68b37a05d81052d4625
51ae79d1a300529013b576ed5f30fd7eeb93f57d
b4057cce093dbc0c5928df15ca2dfa39a93ae1e9b9c0a2824a4bd09b8c356e75
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 26 Nov 2022 04:42:31 GMT
Last-Modified: Sat, 26 Nov 2022 04:34:31 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -aRe54BKbrULtHmvztoBRrT4aZct0oVjKG7B_YsIEpLJtVo26xfyaA==
Age: 480
www.profitabledisplayformat.com/watchnew?shu=ddae43231a510fbae513ef60fd487ea7a96dfd906976add32ecfa5d9f41b24eede983a59575603553595e911dd2e38a9164c6d9082d3df14b94e0ac5298a331d3b047ea519667af02adf9ae477d7db9ab4f41240&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=756e14a7d0d90095269c2540735a69e3&refer=https%3A%2F%2Fjp.ldplayer.net%2F
192.243.59.12200 OK 1.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?shu=ddae43231a510fbae513ef60fd487ea7a96dfd906976add32ecfa5d9f41b24eede983a59575603553595e911dd2e38a9164c6d9082d3df14b94e0ac5298a331d3b047ea519667af02adf9ae477d7db9ab4f41240&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=756e14a7d0d90095269c2540735a69e3&refer=https%3A%2F%2Fjp.ldplayer.net%2F
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2484)
Hash 427f5f604746dbe6f860228bc3fcba94
8a138fe835b70285a226b3555c9dcd274eb77c3a
fb16020049397d1d08a46c70937558dba5ce076363c7398c7256061bf5cea36a
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?shu=ddae43231a510fbae513ef60fd487ea7a96dfd906976add32ecfa5d9f41b24eede983a59575603553595e911dd2e38a9164c6d9082d3df14b94e0ac5298a331d3b047ea519667af02adf9ae477d7db9ab4f41240&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=756e14a7d0d90095269c2540735a69e3&refer=https%3A%2F%2Fjp.ldplayer.net%2F HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplayformat.com/watchnew?key=756e14a7d0d90095269c2540735a69e3
Cookie: u_pl=17882864; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4Mjg2NCwiayI6ImNmNzYxZmVkMGE1NmY5M2I2MDAzYTFlYzE0ZTI3YjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJjYThnOXBtOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qcC5sZHBsYXllci5uZXQvIn19.e7f541206sLLmWH2aeRDFO-_idq9KQe4h6ld_puqp3M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jp.ldplayer.net/
Access-Control-Allow-Origin: https://jp.ldplayer.net/
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17882864,17883085; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1bd12974ac338175677757223347c929
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplayformat.com/watchnew?shu=c19dc6fab82306f3696e491aa7b94165e9dc71aa9f4fce06e51ae147450a319451358cdd21cf44d310c78f99e90760159710133d0f180d4dba6d8b2b9b2e996c1a4c637e9e67eb20f314cbe65d43c93e4e77942d&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=8fe36cd077973311105a83ceec6b439a&refer=https%3A%2F%2Fjp.ldplayer.net%2F
192.243.59.12200 OK 1.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?shu=c19dc6fab82306f3696e491aa7b94165e9dc71aa9f4fce06e51ae147450a319451358cdd21cf44d310c78f99e90760159710133d0f180d4dba6d8b2b9b2e996c1a4c637e9e67eb20f314cbe65d43c93e4e77942d&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=8fe36cd077973311105a83ceec6b439a&refer=https%3A%2F%2Fjp.ldplayer.net%2F
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2460)
Hash cb889db92a9e825be813d044b15d9e2e
865a8b3267384804f598ea28d4421bf2e0f999c1
d0c515a28661dc83d03c29f17747e806f7dec8f6dba658080f227e48862ae5fa
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?shu=c19dc6fab82306f3696e491aa7b94165e9dc71aa9f4fce06e51ae147450a319451358cdd21cf44d310c78f99e90760159710133d0f180d4dba6d8b2b9b2e996c1a4c637e9e67eb20f314cbe65d43c93e4e77942d&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=8fe36cd077973311105a83ceec6b439a&refer=https%3A%2F%2Fjp.ldplayer.net%2F HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplayformat.com/watchnew?key=8fe36cd077973311105a83ceec6b439a
Cookie: u_pl=17882864; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4Mjg2NCwiayI6ImNmNzYxZmVkMGE1NmY5M2I2MDAzYTFlYzE0ZTI3YjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJjYThnOXBtOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qcC5sZHBsYXllci5uZXQvIn19.e7f541206sLLmWH2aeRDFO-_idq9KQe4h6ld_puqp3M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jp.ldplayer.net/
Access-Control-Allow-Origin: https://jp.ldplayer.net/
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17882864,17883084; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d76cefbdfadb0882d8d651e59e5f8b07
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplayformat.com/watchnew?shu=a3cd7601e6b51c0b988b6aa225688212c60762cc56fda09525c1a3f39bc5486a0e6622b64bc348f0384bf30781b7b5755579d5ddf226c9ab764bacdc6fd76b03bbe61d65647fcbe003cc8b4bfeb9389a99ea02e6&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=72bfcf70b3f0798dca065e528fa8ffc5&refer=https%3A%2F%2Fjp.ldplayer.net%2F
192.243.59.12200 OK 1.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?shu=a3cd7601e6b51c0b988b6aa225688212c60762cc56fda09525c1a3f39bc5486a0e6622b64bc348f0384bf30781b7b5755579d5ddf226c9ab764bacdc6fd76b03bbe61d65647fcbe003cc8b4bfeb9389a99ea02e6&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=72bfcf70b3f0798dca065e528fa8ffc5&refer=https%3A%2F%2Fjp.ldplayer.net%2F
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2488)
Hash 24a80976715538fe7d5eec29e92a5e3e
101d1a4d6ba4a47ed5485eae0d37f1ac9597c819
ac9b19ac1c59a78766fa4341fffba3b338ab37d94c5b7370457a8c1b93c352cb
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?shu=a3cd7601e6b51c0b988b6aa225688212c60762cc56fda09525c1a3f39bc5486a0e6622b64bc348f0384bf30781b7b5755579d5ddf226c9ab764bacdc6fd76b03bbe61d65647fcbe003cc8b4bfeb9389a99ea02e6&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=72bfcf70b3f0798dca065e528fa8ffc5&refer=https%3A%2F%2Fjp.ldplayer.net%2F HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplayformat.com/watchnew?key=72bfcf70b3f0798dca065e528fa8ffc5
Cookie: u_pl=17882864; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4Mjg2NCwiayI6ImNmNzYxZmVkMGE1NmY5M2I2MDAzYTFlYzE0ZTI3YjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJjYThnOXBtOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qcC5sZHBsYXllci5uZXQvIn19.e7f541206sLLmWH2aeRDFO-_idq9KQe4h6ld_puqp3M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jp.ldplayer.net/
Access-Control-Allow-Origin: https://jp.ldplayer.net/
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17882864,17883086; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47b439c723807a3754e751dbacc8e31a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
encdn.ldmnq.com/gw/assets/images/05/favicon.ico
54.230.111.38200 OK 1.2 kB URL HTTP/2 encdn.ldmnq.com/gw/assets/images/05/favicon.ico
IP 54.230.111.38:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f35e0d42347856792071f091850462c7
ec9b3dc0881b2a9c731b44b9a9ae9f88164c8c70
265008c4813fe2e785807c3e5cce629c030fddfd40ee1b1449bbe4a0a94705b1
GET /gw/assets/images/05/favicon.ico HTTP/1.1
Host: encdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 1150
server: AliyunOSS
x-oss-request-id: 637FBC5E7732EB3032CB3F1F
accept-ranges: bytes
last-modified: Thu, 12 Sep 2019 09:20:42 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3812076892806576439
x-oss-storage-class: Standard
content-md5: 814NQjR4VnkgcfCRhQRixw==
x-oss-server-time: 3
date: Fri, 25 Nov 2022 18:52:19 GMT
etag: "F35E0D42347856792071F091850462C7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 87Hb9_AwreloXBEPy3-qA6_nfVtDKvpLWiAiZMW7kJH_pqCkYURrqg==
age: 35668
X-Firefox-Spdy: h2
www.profitabledisplayformat.com/watchnew?shu=027b5d50461bfa21a55a4d582310f7466fefacc5c046a2830af4e68ddf5792f28b34b9356a7a66f904b056e85fcf7272ab4dc2f8c789505b62f2db1f5593d19f3df8825449c4ef85c444d82ba0da478d88d98ebc&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=cf761fed0a56f93b6003a1ec14e27b3d&refer=https%3A%2F%2Fjp.ldplayer.net%2F
192.243.59.12200 OK 1.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/watchnew?shu=027b5d50461bfa21a55a4d582310f7466fefacc5c046a2830af4e68ddf5792f28b34b9356a7a66f904b056e85fcf7272ab4dc2f8c789505b62f2db1f5593d19f3df8825449c4ef85c444d82ba0da478d88d98ebc&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=cf761fed0a56f93b6003a1ec14e27b3d&refer=https%3A%2F%2Fjp.ldplayer.net%2F
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2485)
Hash fc92ca7cd5e5ea511131b7474934f43e
44b419314b17a11cdb7031a8e619de470a3dd244
3e573ebf969663a4dad53ac256dd28889f4aed2ab95eaeaf9865c00ab5846f45
Analyzer Verdict Alert quad9 Sinkholed
GET /watchnew?shu=027b5d50461bfa21a55a4d582310f7466fefacc5c046a2830af4e68ddf5792f28b34b9356a7a66f904b056e85fcf7272ab4dc2f8c789505b62f2db1f5593d19f3df8825449c4ef85c444d82ba0da478d88d98ebc&pst=1669437810&rmtc=t&uuid=&pii=&in=false&key=cf761fed0a56f93b6003a1ec14e27b3d&refer=https%3A%2F%2Fjp.ldplayer.net%2F HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplayformat.com/watchnew?key=cf761fed0a56f93b6003a1ec14e27b3d
Cookie: u_pl=17882864; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg4Mjg2NCwiayI6ImNmNzYxZmVkMGE1NmY5M2I2MDAzYTFlYzE0ZTI3YjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NTk2LCJwaWQiOjQ0MTU3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJjYThnOXBtOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9qcC5sZHBsYXllci5uZXQvIn19.e7f541206sLLmWH2aeRDFO-_idq9KQe4h6ld_puqp3M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 04:42:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://jp.ldplayer.net/
Access-Control-Allow-Origin: https://jp.ldplayer.net/
Access-Control-Allow-Credentials: true
Set-Cookie: pdhtkv=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 27 Nov 2022 04:42:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8cc2736eb27aa1f6da1490e9726a69fe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 04:41:08 GMT
expires: Sat, 26 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 83
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play-lh.googleusercontent.com/zWHvBwO4TG37FZL_GV5lz0LEgZYkKcEELhOyrXRBoCDgwhJr6mxWzB-Jr2eZrHIeou4
142.250.74.54200 OK 231 kB URL HTTP/2 play-lh.googleusercontent.com/zWHvBwO4TG37FZL_GV5lz0LEgZYkKcEELhOyrXRBoCDgwhJr6mxWzB-Jr2eZrHIeou4
IP 142.250.74.54:0
File type JPEG image data, baseline, precision 8, 512x512, components 3\012- data
Size 231 kB (231223 bytes)
Hash 11e271aca948c9f1cc180c8c5e1c939b
1826fefd63f3b382d2949c5b36c35dc359d3db18
d262d21e0553b60e5d7b2c7fb8a1ca2d1d30bd5c82b3d2c1b87eb62f1fb7fbcd
GET /zWHvBwO4TG37FZL_GV5lz0LEgZYkKcEELhOyrXRBoCDgwhJr6mxWzB-Jr2eZrHIeou4 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 231223
x-xss-protection: 0
date: Sat, 26 Nov 2022 01:55:43 GMT
expires: Sat, 19 Nov 2022 12:49:48 GMT
cache-control: public, max-age=86400, no-transform
age: 10008
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/4zuKl7-wMKANspshlWH2rBrlH_96Xp58NotDS8pV5vC9C-cmc9IZt6vcejc5ZAz_X9I
142.250.74.54200 OK 1.4 kB URL HTTP/2 play-lh.googleusercontent.com/4zuKl7-wMKANspshlWH2rBrlH_96Xp58NotDS8pV5vC9C-cmc9IZt6vcejc5ZAz_X9I
IP 142.250.74.54:0
File type PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Hash 5920b7e43964a84a2b0bd494e0226079
c1a5c63d676d1217be42bf0447140b278f068b0a
3a6b54b94cd599ed262554765298e2bf1b92ebc787be277c7dbd60239b020c7d
GET /4zuKl7-wMKANspshlWH2rBrlH_96Xp58NotDS8pV5vC9C-cmc9IZt6vcejc5ZAz_X9I HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1395
x-xss-protection: 0
date: Sat, 26 Nov 2022 01:08:13 GMT
expires: Sun, 06 Nov 2022 04:05:53 GMT
cache-control: public, max-age=86400, no-transform
age: 12858
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d544e647515cb189a384f9c20ec9bd24
b7b52713f8f4c02a47192ef56456e16d0ca408a9
375fc9ebeb579498db5f3df773f4a94debbab4b0f809abc2fa414e9c2bea052c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375FC9EBEB579498DB5F3DF773F4A94DEBBAB4B0F809ABC2FA414E9C2BEA052C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4327
Expires: Sat, 26 Nov 2022 05:54:38 GMT
Date: Sat, 26 Nov 2022 04:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d544e647515cb189a384f9c20ec9bd24
b7b52713f8f4c02a47192ef56456e16d0ca408a9
375fc9ebeb579498db5f3df773f4a94debbab4b0f809abc2fa414e9c2bea052c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375FC9EBEB579498DB5F3DF773F4A94DEBBAB4B0F809ABC2FA414E9C2BEA052C"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4327
Expires: Sat, 26 Nov 2022 05:54:38 GMT
Date: Sat, 26 Nov 2022 04:42:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f575aee4f3f9ed92647e6efd5d92b195
ed485eaa177873f0cb7f42817c6d0a4435cf3a76
ef7c5f6de7d3e3c93a6863c1e6525d172fe699807f79ea3183d69dece05f0009
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/api:client.js
216.58.207.206200 OK 6.9 kB URL HTTP/2 apis.google.com/js/api:client.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (2054)
Hash 57452ff36cf896de8e7f40125d00129a
38779421deff168bdde4cf793b784281a9ee2d9b
eb044f47798238906f03a87c3f07a1efe9ab8affdb1bc531730ffa21664565c2
GET /js/api:client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6898
date: Sat, 26 Nov 2022 04:42:31 GMT
expires: Sat, 26 Nov 2022 04:42:31 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4e9c8979ac3d1c6e"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/bi/c4/b4/91/c4b4915f027a01227d904e2c4969e3e1/1652286365.jpg
45.133.44.10200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/bi/c4/b4/91/c4b4915f027a01227d904e2c4969e3e1/1652286365.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash bde8f5cb4f7c816ee213550232402f3c
ff235fad0dbc761601c870b6febca9036202b96c
4f3b7e1aac368d7776d291ffe79e9dc6fd9af002c987227bbb8e5209e5d20124
GET /bi/c4/b4/91/c4b4915f027a01227d904e2c4969e3e1/1652286365.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplayformat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 04:42:31 GMT
content-type: image/jpeg
content-length: 24403
server: nginx/1.17.6
last-modified: Wed, 11 May 2022 16:26:12 GMT
etag: "627be3a4-5f53"
expires: Mon, 28 Nov 2022 04:42:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/a6/06/c2/a606c294dfeae43988814e00f35804db/1652452620.jpg
45.133.44.10200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/bi/a6/06/c2/a606c294dfeae43988814e00f35804db/1652452620.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash 50222b63f8e84768662fa0928599b6a4
3f175eaa5de2840c3aff90fd5105f55a5132674b
4d08a927146bbbd021e376bf32dd1630cf02b2a88ac07b9722a6d57b005ea500
GET /bi/a6/06/c2/a606c294dfeae43988814e00f35804db/1652452620.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplayformat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 04:42:31 GMT
content-type: image/jpeg
content-length: 23823
server: nginx/1.17.6
last-modified: Fri, 13 May 2022 14:37:08 GMT
etag: "627e6d14-5d0f"
expires: Mon, 28 Nov 2022 04:42:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/bi/c5/c6/a0/c5c6a0ba33eef8de9023d1aca9d1a86e/1631288649.jpg
45.133.44.10200 OK 143 kB URL HTTP/2 cdn.cloudimagesb.com/bi/c5/c6/a0/c5c6a0ba33eef8de9023d1aca9d1a86e/1631288649.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:07:26 14:04:59], baseline, precision 8, 300x250, components 3\012- data
Size 143 kB (143440 bytes)
Hash 24c56427dc2b6bfed1198830600dc8f5
8dc4871241fe814e3688993173f74ee786b96232
ae8e3d4e812c33e260922b63b19d3bbab877e9b98cf37e4c0bcad99c2da63410
GET /bi/c5/c6/a0/c5c6a0ba33eef8de9023d1aca9d1a86e/1631288649.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplayformat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 04:42:31 GMT
content-type: image/jpeg
content-length: 143440
server: nginx/1.17.6
last-modified: Fri, 10 Sep 2021 15:44:20 GMT
etag: "613b7d54-23050"
expires: Mon, 28 Nov 2022 04:42:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14424
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 04:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14424
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 04:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14424
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 04:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14424
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 04:42:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14424
Expires: Sat, 26 Nov 2022 08:42:55 GMT
Date: Sat, 26 Nov 2022 04:42:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash f4b0af7a168c648c5ad3880806679e00
0451e0971400cd177261c96c565c874db7178426
092f41c21da4a24bd85e302b54e04a3a7eb62c2f4088b0b90cece60bc7e92dd5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ff3e15-6cd5-46f6-800f-5ad08b71ffbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10209
x-amzn-requestid: e6cf9a8b-bbdc-4978-a186-ffc82b369066
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWINF69oAMF5RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813701-35f60a7425e3617e672916c9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:43:29 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eq6JvA1Pf3M-JLZWNgHPo8sIGff8AYqLHpvVxCeu_-uLTQ4DCDN3NA==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:27:24 GMT
age: 22507
etag: "475980dd8b123ad0acdd54c441271bacad56489f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/PllB0GL8IK3lAcDDOfHTKdFGMRegZh8AFL3SR4iz7pAetMJr84Id3yGa5mzlTiUjmzQ=w526-h296-rw
142.250.74.54200 OK 26 kB URL HTTP/2 play-lh.googleusercontent.com/PllB0GL8IK3lAcDDOfHTKdFGMRegZh8AFL3SR4iz7pAetMJr84Id3yGa5mzlTiUjmzQ=w526-h296-rw
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c526ebb7340f9273ac16a569f155454e
725d456c79274076c2eb90cba940af275dec728f
9ac94381562f9f4319d3e1f909b7cf29e3e816fd7cb5b4327863dc8493e12a7f
GET /PllB0GL8IK3lAcDDOfHTKdFGMRegZh8AFL3SR4iz7pAetMJr84Id3yGa5mzlTiUjmzQ=w526-h296-rw HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 27 Nov 2022 04:42:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 04:42:31 GMT
server: fife
content-length: 26480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c135ab961de12d926b94f9abae8adbe
139f48ea60880efc6d2977f4d3141809f22adfef
1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2944
x-amzn-requestid: 8f1b2573-39ab-442e-8c6e-97538a28aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWXXEjJIAMFu1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813762-52f27ff536b0c3b84bdfba8e;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:45:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hy8v_azPZzuVRv1VN61DoNWbfA83JPs4JcZfRyLo3j6HCtWv_gkNw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:03:27 GMT
age: 23944
etag: "139f48ea60880efc6d2977f4d3141809f22adfef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 23076
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg
34.120.237.76200 OK 20 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg
IP 34.120.237.76:0
File type gzip compressed data, from Unix\012- data
Hash 8477e982b31f2dba1aebbafa740f374e
2bd259db150cf1361175bbbd3200520b3d5c64da
8dc27afb2faeead5a8dadda9a99b0348bce27307f7479b29bd2bfa8438f8ae9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12505
x-amzn-requestid: a89c780f-e1a4-451e-842b-656ba43958be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOeHzfIAMFpGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358f-3478b6c81d94ec65388bd3da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mUic7CJjKQ8l7EKhTTSs2LTLaCqnVQUBuxzmfzET4TwSa_LX8na-MA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:28 GMT
age: 25143
etag: "05de7f68103849bd0cd80a704ef97685d0150800"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cfec0de07b11c3b4b2bde82a9d85395
c6a37206ae6327b5626ee48675638fb3b79eaf2b
b5cd58f099675e96d8f28b633c18db2aab90f1e7e0f593cd38e654f1956c53c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10966
x-amzn-requestid: 9c8cca96-85d6-4256-9f64-e7ed26946e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOLHMPoAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358d-2857476f6bdd231525a041f8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RmHOIrJvsyjOKVoOMeV4yGpq4jNofO7-OB4PlhQyIcGEBlQWxBJMWw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:27 GMT
age: 24184
etag: "c6a37206ae6327b5626ee48675638fb3b79eaf2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 8568
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play-lh.googleusercontent.com/zkSorZiKRdAR_wuCJ4ag-axH_hLNAsJXuffkrigtyHI3GEieF09ku6N3cvXSS17vYA=w526-h296-rw
142.250.74.54200 OK 53 kB URL HTTP/2 play-lh.googleusercontent.com/zkSorZiKRdAR_wuCJ4ag-axH_hLNAsJXuffkrigtyHI3GEieF09ku6N3cvXSS17vYA=w526-h296-rw
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 65f889fa2d808eef31f8650c91cbbed9
497e2d8ba92e02a1976c45006b56499a1d69bb43
8b0056a3a01e581d1b0802f9e9541703cf9a28f71a5055e33ab0e77b73ec2616
GET /zkSorZiKRdAR_wuCJ4ag-axH_hLNAsJXuffkrigtyHI3GEieF09ku6N3cvXSS17vYA=w526-h296-rw HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 27 Nov 2022 04:42:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 04:42:31 GMT
server: fife
content-length: 53006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-59PCK5ER57&cid=1315190616.1669437750>m=2oeb90&aip=1&z=303885314
142.250.74.35200 OK 9.1 kB URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-59PCK5ER57&cid=1315190616.1669437750>m=2oeb90&aip=1&z=303885314
IP 142.250.74.35:0
File type gzip compressed data, from Unix\012- data
Hash 4522d4e619a526502a2d761ea4a67d94
97024c9560f4c4bb72e50ad692d21de4b567d546
a58377c7e8da22a83ed55d16d7cc73d19fe4112ff16729704ce7d35dd6220790
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-59PCK5ER57&cid=1315190616.1669437750>m=2oeb90&aip=1&z=303885314 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 04:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-116843255-14&cid=1315190616.1669437750&jid=1769272527&gjid=503502737&_gid=1999101543.1669437751&_u=YADAAUAAAAAAACAAIAB~&z=2098705471
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-116843255-14&cid=1315190616.1669437750&jid=1769272527&gjid=503502737&_gid=1999101543.1669437751&_u=YADAAUAAAAAAACAAIAB~&z=2098705471
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-116843255-14&cid=1315190616.1669437750&jid=1769272527&gjid=503502737&_gid=1999101543.1669437751&_u=YADAAUAAAAAAACAAIAB~&z=2098705471 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://jp.ldplayer.net
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://jp.ldplayer.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 04:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-116843255-26&cid=1315190616.1669437750&jid=718485309&gjid=566687356&_gid=1999101543.1669437751&_u=YADAAUABAAAAACAAIAB~&z=398614758
142.251.1.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-116843255-26&cid=1315190616.1669437750&jid=718485309&gjid=566687356&_gid=1999101543.1669437751&_u=YADAAUABAAAAACAAIAB~&z=398614758
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-116843255-26&cid=1315190616.1669437750&jid=718485309&gjid=566687356&_gid=1999101543.1669437751&_u=YADAAUABAAAAACAAIAB~&z=398614758 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://jp.ldplayer.net
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://jp.ldplayer.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 04:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/lRM9t7JIZUFyo__QX4GltrHBkSAQTW6gzKZTMdTtlxyz2BSG4vNXv_EmEYyu4Us8FjTb=w526-h296-rw
142.250.74.54200 OK 42 kB URL HTTP/2 play-lh.googleusercontent.com/lRM9t7JIZUFyo__QX4GltrHBkSAQTW6gzKZTMdTtlxyz2BSG4vNXv_EmEYyu4Us8FjTb=w526-h296-rw
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 150c6f39c9912c3d691cf539404a78c7
b09e7b3d33915f86d999463ebb422c40a103483d
f163bebf73962c4c99893df1b1679d2734f4aa195ec64f8a8eaec48f07c310dc
GET /lRM9t7JIZUFyo__QX4GltrHBkSAQTW6gzKZTMdTtlxyz2BSG4vNXv_EmEYyu4Us8FjTb=w526-h296-rw HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 27 Nov 2022 04:42:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 04:42:31 GMT
server: fife
content-length: 42324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=jp.ldplayer.net
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=jp.ldplayer.net
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=jp.ldplayer.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 04:42:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/XNOW0a_ABSoiYtQp0eSPe8vkffMl0xtVfA1CPqhVQUT3PUV7uymDFTwr9iAW1kXFkZ0=w526-h296-rw
142.250.74.54200 OK 40 kB URL HTTP/2 play-lh.googleusercontent.com/XNOW0a_ABSoiYtQp0eSPe8vkffMl0xtVfA1CPqhVQUT3PUV7uymDFTwr9iAW1kXFkZ0=w526-h296-rw
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d63b7dd2e896edffb69e2669911ecffe
043899f6e711f2e141823b8437495a534cc9f623
ca95c374ea309fb734f80c6eb37b40247787baa5c6936aa2c81ea29b5470e68f
GET /XNOW0a_ABSoiYtQp0eSPe8vkffMl0xtVfA1CPqhVQUT3PUV7uymDFTwr9iAW1kXFkZ0=w526-h296-rw HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sun, 27 Nov 2022 04:42:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.webp"
content-type: image/webp
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 04:42:31 GMT
server: fife
content-length: 39468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=jp.ldplayer.net
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=jp.ldplayer.net
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=jp.ldplayer.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 04:42:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57>m=2oeb90&_p=893492918&_gaz=1&cid=1315190616.1669437750&ul=en-us&sr=1280x1024&_s=1&sid=1669437750&sct=1&seg=0&dl=https%3A%2F%2Fjp.ldplayer.net%2Fapps%2Fcom-snowcorp-epik-on-pc.html&dt=EPIK%20%E3%82%A8%E3%83%94%E3%83%83%E3%82%AF%20-%20%E5%86%99%E7%9C%9F%E7%B7%A8%E9%9B%86%E3%82%A2%E3%83%97%E3%83%AA%E3%82%92PC%E3%81%A7%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20-%20LDPlayer&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-59PCK5ER57>m=2oeb90&_p=893492918&_gaz=1&cid=1315190616.1669437750&ul=en-us&sr=1280x1024&_s=1&sid=1669437750&sct=1&seg=0&dl=https%3A%2F%2Fjp.ldplayer.net%2Fapps%2Fcom-snowcorp-epik-on-pc.html&dt=EPIK%20%E3%82%A8%E3%83%94%E3%83%83%E3%82%AF%20-%20%E5%86%99%E7%9C%9F%E7%B7%A8%E9%9B%86%E3%82%A2%E3%83%97%E3%83%AA%E3%82%92PC%E3%81%A7%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20-%20LDPlayer&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-59PCK5ER57>m=2oeb90&_p=893492918&_gaz=1&cid=1315190616.1669437750&ul=en-us&sr=1280x1024&_s=1&sid=1669437750&sct=1&seg=0&dl=https%3A%2F%2Fjp.ldplayer.net%2Fapps%2Fcom-snowcorp-epik-on-pc.html&dt=EPIK%20%E3%82%A8%E3%83%94%E3%83%83%E3%82%AF%20-%20%E5%86%99%E7%9C%9F%E7%B7%A8%E9%9B%86%E3%82%A2%E3%83%97%E3%83%AA%E3%82%92PC%E3%81%A7%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20-%20LDPlayer&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jp.ldplayer.net
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://jp.ldplayer.net
date: Sat, 26 Nov 2022 04:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ldcdn.ldmnq.com/gw/static/ld_gw/client/93965dd.js
143.204.55.63200 OK 144 kB URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/93965dd.js
IP 143.204.55.63:0
Size 144 kB (144059 bytes)
Hash f176704be5b0c086f4510f4e7c7d29d3
20b68b4648675e8e863d61483b48a527844d7b80
dcf6aac85cdc6d80bd2e1fab1f8d481e4b04af1da27d29f97956001e61fa72fc
GET /gw/static/ld_gw/client/93965dd.js HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Fri, 25 Nov 2022 06:41:20 GMT
x-oss-request-id: 6380639070888B3633B9BE2A
last-modified: Fri, 25 Nov 2022 06:37:23 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6223137740274348026
x-oss-storage-class: Standard
content-md5: YCWawP39cm+5CYXYrycsog==
x-oss-server-time: 5
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pBMyFGPxpbDN5wFCbWBZ9EhTVWwfj8Io2uJEmVkw-XYR3Ojqa0c3FA==
age: 79269
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=jp.ldplayer.net&callback=_gfp_s_&client=ca-pub-3593861583707338&gpid_exp=1
172.217.21.162200 OK 253 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=jp.ldplayer.net&callback=_gfp_s_&client=ca-pub-3593861583707338&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 856c8f410f5f4c98fd03f77344d7371c
c18417daee2f7a0eb79bd61e5d717c7fe287dcc4
cb49988cd65debddb59c5b1baf1ae8ea85f30ee60009b6dfbd4bb34f7230c845
GET /gampad/cookie.js?domain=jp.ldplayer.net&callback=_gfp_s_&client=ca-pub-3593861583707338&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 26 Nov 2022 04:42:31 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-116843255-14&cid=1315190616.1669437750&jid=1769272527&_u=YADAAUAAAAAAACAAIAB~&z=146609662
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-116843255-14&cid=1315190616.1669437750&jid=1769272527&_u=YADAAUAAAAAAACAAIAB~&z=146609662
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-116843255-14&cid=1315190616.1669437750&jid=1769272527&_u=YADAAUAAAAAAACAAIAB~&z=146609662 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 04:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-116843255-26&cid=1315190616.1669437750&jid=718485309&_u=YADAAUABAAAAACAAIAB~&z=673251457
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-116843255-26&cid=1315190616.1669437750&jid=718485309&_u=YADAAUABAAAAACAAIAB~&z=673251457
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-116843255-26&cid=1315190616.1669437750&jid=718485309&_u=YADAAUABAAAAACAAIAB~&z=673251457 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 04:42:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
encdn04.ldmnq.com/gw/static/Youtube/Youtube.min.js
54.230.111.9200 OK 9.4 kB URL HTTP/2 encdn04.ldmnq.com/gw/static/Youtube/Youtube.min.js
IP 54.230.111.9:0
Hash 5915723c2330b54e5588eaab4a5a7cec
811ae159a975d41e8f6dc5215795ecce255dfd82
a84807643a4e05ac6007829d920eae2161afef76b0b251a112ad06fa782459b3
GET /gw/static/Youtube/Youtube.min.js HTTP/1.1
Host: encdn04.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
x-oss-request-id: 63708AFE7859E43834621CDC
last-modified: Tue, 22 Sep 2020 06:37:47 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5408039872758138109
x-oss-storage-class: Standard
content-md5: ssJdPpckQ8fF79/d1RPegQ==
x-oss-server-time: 7
content-encoding: gzip
date: Fri, 25 Nov 2022 07:23:35 GMT
etag: "B2C25D3E972443C7C5EFDFDDD513DE81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5P5fPEtATRdHkBKZCjSaPguMeJyjIB1uX1s49cjq1on-MBQqzSUyGw==
age: 80914
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 69b4c95baca69139e9e4f7e5ffa6bace
a33af721a9defcb815716234aafdb69de7169455
9f752625bea112bc5402067fd695ba893590e6de9844de640a663e4e8fdc1475
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e99fcdc3ed7523948d56cbe1c943fcf3
4b8a3c27fa51771c288a392441d678321d7a3717
60e7c3efee2b4d2fb45d7ddeaee81b3dcd379b3cad9774f51402f09e1dcf9cfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/o/oauth2/iframe
216.58.207.237200 OK 704 B URL HTTP/2 accounts.google.com/o/oauth2/iframe
IP 216.58.207.237:0
Hash de53d4c8b77531c7bc8bde0e5667e291
2500db135ade799dfe2079609a453f82d678cd2b
c40a608e2ad5a9423da76d0d1f27e9b6e692b7d98ea4b2281b5a6a0a7b55d741
GET /o/oauth2/iframe HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 04:42:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'nonce-l0gJzEW3rtPnxHeVJ6RPHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.uSgmreNAE_8.es5.O/d=1/rs=AOaEmlFgRLLVVHhyzx03eTJrAWiL0RWjOw/m=base
142.250.74.163200 OK 35 kB URL HTTP/2 www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.uSgmreNAE_8.es5.O/d=1/rs=AOaEmlFgRLLVVHhyzx03eTJrAWiL0RWjOw/m=base
IP 142.250.74.163:0
File type ASCII text, with very long lines (868)
Hash 912fd13f824c5a9a220eae203ac59ba4
7bf40a94a35f21536bb7a84ef3dd081365af972b
51c448ba86299b60b65e97de1414b0833674160e9863b83e5eb873a9274f1a8f
GET /_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.uSgmreNAE_8.es5.O/d=1/rs=AOaEmlFgRLLVVHhyzx03eTJrAWiL0RWjOw/m=base HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-length: 34872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 19:40:37 GMT
expires: Tue, 21 Nov 2023 19:40:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 12 Nov 2022 07:40:56 GMT
content-type: text/javascript; charset=UTF-8
age: 378115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 816d70da869514eb692b661a8226d9c1
a89905476481099656b3461acd454ad11ad5584d
cd03b16cdd0d63deb1336dec06481a119a46359358605c8faca8955f90939a34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 04:42:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 26 Nov 2022 04:42:32 GMT
expires: Sat, 26 Nov 2022 04:42:32 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:10:36 GMT
expires: Wed, 22 Nov 2023 20:10:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 289916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jp.ldplayer.net/apps/com-snowcorp-epik-on-pc.html
54.230.111.45200 OK 0 B URL HTTP/2 jp.ldplayer.net/apps/com-snowcorp-epik-on-pc.html
IP 54.230.111.45:0
GET /apps/com-snowcorp-epik-on-pc.html HTTP/1.1
Host: jp.ldplayer.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: nginx
date: Sat, 26 Nov 2022 04:42:29 GMT
etag: "57cab-A0bxUznNRw3Buj+8ufxxIzDDMYA"
accept-ranges: none
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: L14gCBXn_IFtFzHAblf_WjUDY6r5wMuzrB239NIDWR3b4TP5yPyiPg==
X-Firefox-Spdy: h2
encdn.ldmnq.com/gw/static/video/video-js.min.css
54.230.111.38200 OK 0 B URL HTTP/2 encdn.ldmnq.com/gw/static/video/video-js.min.css
IP 54.230.111.38:0
GET /gw/static/video/video-js.min.css HTTP/1.1
Host: encdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: AliyunOSS
x-oss-request-id: 637E5A0A700FB138302B480D
last-modified: Wed, 12 Dec 2018 07:22:38 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 18346763458647567608
x-oss-storage-class: Standard
content-md5: 9UxiMetT7YCHjWJIHpGXBg==
x-oss-server-time: 3
content-encoding: gzip
date: Fri, 25 Nov 2022 17:37:42 GMT
etag: "F54C6231EB53ED80878D62481E919706"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gYbHMAIdl1g9TDdbhAXWGCjYduLtVKEZsjeiQT8MQC6GjFZALCjhxw==
age: 39974
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/5bbb240.js
143.204.55.63200 OK 0 B URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/5bbb240.js
IP 143.204.55.63:0
GET /gw/static/ld_gw/client/5bbb240.js HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Fri, 25 Nov 2022 11:13:22 GMT
x-oss-request-id: 6380A352C05EDB39313F0577
last-modified: Fri, 25 Nov 2022 11:10:11 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10072207200847129046
x-oss-storage-class: Standard
content-md5: w3l806tZzbqTTaEgKBrmGA==
x-oss-server-time: 6
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xxKtOM-FVd5wF0G5Tr2foWQJRC54dOd4Rxwyh9ooLe7WG5WqACO3qw==
age: 62947
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
216.58.207.206200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.207.206:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 26 Nov 2022 04:42:31 GMT
date: Sat, 26 Nov 2022 04:42:31 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=g3onNkUjC4w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=dg-gpqhbQwE; Domain=.youtube.com; Expires=Thu, 25-May-2023 04:42:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+564; expires=Mon, 25-Nov-2024 04:42:31 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/71c52fb.js
143.204.55.63200 OK 0 B URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/71c52fb.js
IP 143.204.55.63:0
GET /gw/static/ld_gw/client/71c52fb.js HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Fri, 25 Nov 2022 06:41:19 GMT
x-oss-request-id: 6380638FCD39723035BCD7D2
last-modified: Fri, 25 Nov 2022 06:37:22 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3944443253022115598
x-oss-storage-class: Standard
content-md5: RNlREmw/bRJ2GcIhmA43Sg==
x-oss-server-time: 1
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EqKWyYgRAvPA8rFfk228tRf-C4BeQ4FT9aStOcKzjKAoO8pfB2jJGw==
age: 79270
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/26eb58e.js
143.204.55.63200 OK 0 B URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/26eb58e.js
IP 143.204.55.63:0
GET /gw/static/ld_gw/client/26eb58e.js HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Fri, 25 Nov 2022 06:41:20 GMT
x-oss-request-id: 63806390CD39723331D9D9D2
last-modified: Fri, 25 Nov 2022 06:37:10 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7846020890273141582
x-oss-storage-class: Standard
content-md5: lEKWLZLT9RTUyLvoRdt1wA==
x-oss-server-time: 12
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bjLwweYmEkOQzrPKvwlR1iCzQMU2_sKbKLghNy4aCvJZjS_9X4zb2Q==
age: 79269
X-Firefox-Spdy: h2
ldcdn.ldmnq.com/gw/static/ld_gw/client/cd992d1.js
143.204.55.63200 OK 0 B URL HTTP/2 ldcdn.ldmnq.com/gw/static/ld_gw/client/cd992d1.js
IP 143.204.55.63:0
GET /gw/static/ld_gw/client/cd992d1.js HTTP/1.1
Host: ldcdn.ldmnq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.ldplayer.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: AliyunOSS
date: Fri, 25 Nov 2022 06:41:20 GMT
x-oss-request-id: 6380639099AE8235340A805B
last-modified: Fri, 25 Nov 2022 06:37:25 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6183574678635321053
x-oss-storage-class: Standard
content-md5: I7tYC/t+lC4/q8BDIc465g==
x-oss-server-time: 5
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7l5OWUO8yolVLLZk6cRXOIGgR-P4z4DYIrCxm3JvZHhALVD2hWBbSQ==
age: 79269
X-Firefox-Spdy: h2