Overview

URL db3c.cn/difangxinwen/11395.html
IP218.25.89.208
ASNCHINA UNICOM China169 Backbone
Location China
Report completed2022-08-06 03:01:42 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-06 2 db3c.cn/difangxinwen/11395.html Malware
2022-08-06 2 db3c.cn/plug/js/comment.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-05 05:06:17 UTC 54.148.228.45
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-05 06:49:03 UTC 34.120.237.76
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-05 05:06:42 UTC 54.230.111.14
[Mnemonic Passive DNS] r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-08-05 04:57:18 UTC 23.36.76.226
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-08-05 21:56:34 UTC 93.184.220.29
[Mnemonic Passive DNS] db3c.cn (25) 0 No data No data 218.25.89.208 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 218.25.89.208

Date UQ / IDS / BL URL IP
2022-08-08 12:09:14 +0000
0 - 0 - 2 db3c.cn/shuoma/31 218.25.89.208
2022-08-04 02:35:21 +0000
0 - 0 - 2 db3c.cn/daogou/71097.html 218.25.89.208
2022-07-31 03:32:16 +0000
0 - 0 - 1 db3c.cn/guojixinwen/250.html 218.25.89.208
2019-06-09 07:56:11 +0200
0 - 4 - 0 db3c.cn/shuomatongxunsan/36 218.25.89.208
2019-05-30 19:18:46 +0200
0 - 4 - 0 db3c.cn/baishaijiadianyi/1 218.25.89.208
2019-05-30 18:14:26 +0200
0 - 0 - 1 db3c.cn/shenghuodianqiyi/85856.html 218.25.89.208
2019-04-19 14:03:32 +0200
0 - 0 - 1 db3c.cn/maichangdongtai/90869.html 218.25.89.208
2019-03-27 08:08:32 +0100
0 - 0 - 3 db3c.cn/zhuanti/chunjie/lzzhuhe.html 218.25.89.208
2019-03-24 05:13:27 +0100
0 - 4 - 9 db3c.cn/tousuweiquan/91438.html 218.25.89.208
2019-02-24 07:04:41 +0100
0 - 4 - 9 db3c.cn/maichangdongtai/90986.html 218.25.89.208

Last 10 reports on ASN: CHINA UNICOM China169 Backbone

Date UQ / IDS / BL URL IP
2022-08-12 09:54:57 +0000
0 - 0 - 1 cdn-10049480.file.myqcloud.com/jd/jd138.exe 115.56.90.72
2022-08-12 09:54:50 +0000
0 - 0 - 1 cdn-10049480.file.myqcloud.com/qcoin/qcoin131.exe 115.56.90.72
2022-08-12 09:52:03 +0000
0 - 0 - 1 download.skycn.com/hao123-soft-online-bcs/sof (...) 116.114.98.35
2022-08-12 09:49:32 +0000
0 - 0 - 1 download.doumaibiji.cn/doumai/news2/v1.0.7.01 (...) 116.177.248.72
2022-08-12 09:49:02 +0000
0 - 0 - 1 download.pdf00.cn/kszip/news/v1.0.7.31/news_01.exe 221.204.209.212
2022-08-12 09:48:54 +0000
0 - 0 - 1 src1.minibai.com/uploads/thirdupload/5d3e8177 (...) 116.136.170.202
2022-08-12 09:40:14 +0000
0 - 0 - 3 linkintec.cn/wp-content/open_module/close_clo (...) 122.114.12.229
2022-08-12 09:38:50 +0000
0 - 0 - 3 linkintec.cn/wp-content/paclm/XRRCi/ 122.114.12.229
2022-08-12 09:36:48 +0000
0 - 0 - 3 linkintec.cn/wp-content/23LBNF4AKEQZ/m7e1jbht5/ 122.114.12.229
2022-08-12 09:35:21 +0000
0 - 0 - 3 linkintec.cn/wp-content/statement/yfgesces6gjb/ 122.114.12.229

Last 10 reports on domain: db3c.cn

Date UQ / IDS / BL URL IP
2022-08-08 12:09:14 +0000
0 - 0 - 2 db3c.cn/shuoma/31 218.25.89.208
2022-08-04 02:35:21 +0000
0 - 0 - 2 db3c.cn/daogou/71097.html 218.25.89.208
2022-07-31 03:32:16 +0000
0 - 0 - 1 db3c.cn/guojixinwen/250.html 218.25.89.208
2019-06-09 07:56:11 +0200
0 - 4 - 0 db3c.cn/shuomatongxunsan/36 218.25.89.208
2019-05-30 19:18:46 +0200
0 - 4 - 0 db3c.cn/baishaijiadianyi/1 218.25.89.208
2019-05-30 18:14:26 +0200
0 - 0 - 1 db3c.cn/shenghuodianqiyi/85856.html 218.25.89.208
2019-04-19 14:03:32 +0200
0 - 0 - 1 db3c.cn/maichangdongtai/90869.html 218.25.89.208
2019-03-27 08:08:32 +0100
0 - 0 - 3 db3c.cn/zhuanti/chunjie/lzzhuhe.html 218.25.89.208
2019-03-24 05:13:27 +0100
0 - 4 - 9 db3c.cn/tousuweiquan/91438.html 218.25.89.208
2019-02-24 07:04:41 +0100
0 - 4 - 9 db3c.cn/maichangdongtai/90986.html 218.25.89.208


JavaScript

Executed Scripts (5)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 168, repeated: 1) - SHA256: dda58d684c0f379eff5b5a27fa4e41d13b28e0e693f47e0fbb8ec384402b121b

                                        < a href = 'https://pro.jd.com/mall/active/3ueT3VgG3KkZHyTSNcYkH6XppeLC/index.html'
target = '_blank' > < img src = '/upload/ad/080025.jpg'
alt = ''
width = '1000'
height = '90' / > < /a>
                                    


HTTP Transactions (41)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 06 Aug 2022 02:01:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BQehiMls7cbPSE8OoZ3VjD61Y_hf45rCIwDx_11czh6CK_u84RpMfw==
Age: 3580


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 05 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tNMRGiivTT2laLkvQEM-oQ8XRAIpmPK-qVXr6VA8HZ-ZkQ385gaXeg==
age: 81964
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10932
Expires: Sat, 06 Aug 2022 06:03:42 GMT
Date: Sat, 06 Aug 2022 03:01:30 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 03:01:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 06 Aug 2022 02:16:14 GMT
Expires: Sat, 06 Aug 2022 02:40:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1B_bSYafOX98NytUF3e4b46IllI12V-3yfoRMPwvUng-9v326F338w==
Age: 2717


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6570
Cache-Control: 'max-age=158059'
Date: Sat, 06 Aug 2022 03:01:31 GMT
Last-Modified: Sat, 06 Aug 2022 01:12:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /skins/nav1.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Tue, 13 Aug 2013 05:46:56 GMT
Accept-Ranges: bytes
ETag: "3c777e85e897ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 813


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   813
Md5:    adb29c55ed38ce3d049b5561b1c46004
Sha1:   85400efec18a4acf7dfd9aa28b16ee1c426b2315
Sha256: 4835e8d232d47fa014058b0744849f17f797328cdb917fd09c6f7622de458534
                                        
                                            GET /difangxinwen/11395.html HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Server: Microsoft-IIS/7.5
Set-Cookie: event11395=true; path=/ ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:14 GMT
Content-Length: 22409


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   22409
Md5:    74970b681f8bc434cc8d806b565c3ab1
Sha1:   6f51550b671a47651863036f2a9ab14de0cd98cf
Sha256: 8582dab61508f7a778fad3149cf6c44afee713c86a322f9bcb493bfdb0cfded6

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /upload/ad/nytbhtgg.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Sat, 18 Sep 2021 12:00:33 GMT
Accept-Ranges: bytes
ETag: "1454fcc884acd71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 191


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 (with BOM) text, with no line terminators
Size:   191
Md5:    ac60ea5c0ac5c547c97ea7833d860026
Sha1:   e5735b93054f5e2b07927f8eb882c8a230d2379d
Sha256: 5de8ceb8683ae9fbfe31110c11ef5a1aa5aa446d2cfc67aec410869f86e941e3
                                        
                                            GET /upload/zdy/style.css HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 07 Nov 2019 03:11:55 GMT
Accept-Ranges: bytes
ETag: "804fc61b1995d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 7707


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   7707
Md5:    6f66f55dc6112c0d546962a431cda232
Sha1:   bc90d5a5b32f41321fb8c2f0135a087b39b09d67
Sha256: 9150cde7b7640efd423a5c07e81983577cede3286d5e2d8fbcbd4ef3c67cb9ae
                                        
                                            GET /upload/ad/nyxgydxbgg.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Fri, 03 Jul 2015 03:36:36 GMT
Accept-Ranges: bytes
ETag: "e06afc7641b5d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 184


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 (with BOM) text, with no line terminators
Size:   184
Md5:    190008cb29eac2610bbafcd48b183fa5
Sha1:   49bd5d9f72a1577db7f304e887a6f5b807989d1e
Sha256: 927f0e47157bdb9b351cc703cb531aaec6d2dee412c0dc7a802877df4dfe52d3
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PD44qOFjN4xCiIwRvooC2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.228.45
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n9+cqlf1GyJBkLCXgbLEZagKJAI=

                                        
                                            GET /upload/ad/nyrdtjsbgg.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Fri, 15 Jan 2021 09:59:04 GMT
Accept-Ranges: bytes
ETag: "e67358e25ebd61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 212


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 (with BOM) text, with no line terminators
Size:   212
Md5:    130e08d19e115457f99bd1e225c6ec7a
Sha1:   81e5075ea233743c03c2ef65847ae9c2736e0b4d
Sha256: e004067190c68a4bd6e1af3489913ff1aab90742c757f4e36559764f3d565fcb
                                        
                                            GET /upload/ad/nyycsbgg.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Fri, 03 Jul 2015 03:27:28 GMT
Accept-Ranges: bytes
ETag: "16a61e3040b5d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 128


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 (with BOM) text, with no line terminators
Size:   128
Md5:    fe7f2e8177c74bace5951724b4e1f18a
Sha1:   0ad1441ea11feaf7228ac6c60433659581dbe6e5
Sha256: 7ea9d0b6c3b07d2b410b0e2da64dbbb285b93d4a9052bb34618a3501835591d7
                                        
                                            GET /upload/ad/nyxlwbsbgg.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Tue, 15 Oct 2013 07:16:10 GMT
Accept-Ranges: bytes
ETag: "c47ba76c76c9ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 127


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 (with BOM) text, with no line terminators
Size:   127
Md5:    408fb418dd885b0d3bf356cd42a513da
Sha1:   144311853f3bde0316d7384b05201ab7c0c85a99
Sha256: 7ec702a8c56aebe5875db9eae88254c71328503ff051c080e2f0d0ab5950a784
                                        
                                            GET /plug/js/comment.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Mon, 20 May 2013 03:06:24 GMT
Accept-Ranges: bytes
ETag: "2f70333755ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 13221


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size:   13221
Md5:    9a6f6f24765c2dd884ffb745d1a1f1c1
Sha1:   3658d37881c0caec5c514b6b9d870f680b28b40a
Sha256: 780efe73330de1102b1bfd8aa896caa36224ae016e693a45a480bc8be0fcc8a4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /skins/jquery-1.4.2.min.js HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Wed, 21 Jul 2010 09:29:20 GMT
Accept-Ranges: bytes
ETag: "0186832b728cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:15 GMT
Content-Length: 72174


--- Additional Info ---
Magic:  ASCII text, with very long lines (820)
Size:   72174
Md5:    10092eee563dec2dca82b77d2cf5a1ae
Sha1:   65cbff4e9d95d47a6f31d96ab4ea361c1f538a7b
Sha256: e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
                                        
                                            GET /upload/news/20150505/081326.jpg_120x80.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 05 May 2015 00:15:19 GMT
Accept-Ranges: bytes
ETag: "e84ec091c886d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 2926


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x80, components 3\012- data
Size:   2926
Md5:    a8e644da624b1f9d9e7c821ffacca1d6
Sha1:   c7aa8211c6d1f073e8814d3d2c963257d873420a
Sha256: 99f7ce49ad37ef0e204a20f7ab94d09188aa93fbb9997f9067aa3e55406e21d1
                                        
                                            GET /upload/news/20210916/031820.jpg_120x102.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 16 Sep 2021 07:56:20 GMT
Accept-Ranges: bytes
ETag: "e0e56156d0aad71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 3149


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x102, components 3\012- data
Size:   3149
Md5:    1dcd1b029f5953c61bd143080d536fb3
Sha1:   2674e835241cb870783a38f07a4fab321ef1d3af
Sha256: 193eb887315e9bfeefc1b602daef5cb90bb9c5df9ac215cb428dbd4652c95bb5
                                        
                                            GET /upload/news/20190508/122725.jpg_120x102.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Wed, 08 May 2019 04:31:20 GMT
Accept-Ranges: bytes
ETag: "2cc65e2565d51:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 2525


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x102, components 3\012- data
Size:   2525
Md5:    9aaee69cc52373eff7f9ad24594fa9a6
Sha1:   016aa1e674104ebe2ef1ffcc2690bc843bbf7aa2
Sha256: 30b3270a2c2010d8487187bc95ab2281921faa15620296d16e49aa8091e5517e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10242
Expires: Sat, 06 Aug 2022 05:52:14 GMT
Date: Sat, 06 Aug 2022 03:01:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10242
Expires: Sat, 06 Aug 2022 05:52:14 GMT
Date: Sat, 06 Aug 2022 03:01:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10242
Expires: Sat, 06 Aug 2022 05:52:14 GMT
Date: Sat, 06 Aug 2022 03:01:32 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F817dc1f7-eb45-43f8-baff-dc8c8dc431d5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5927
x-amzn-requestid: 99ada533-43cd-41fc-82bb-e458f0eb1f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb7GCHIAMFTvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-229e11765cf29cea03c3627a;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4XnbV70sg2VdJpPpU4qwePJEGJtqD9fvi7N5tGLwn53qD4YlgsV2nQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:46:20 GMT
age: 18912
etag: "2f672c1b11a1c279f429a25e80e37c19d87ed31b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5927
Md5:    1d51f89b8978e5f853da0ec27aeba1f2
Sha1:   2f672c1b11a1c279f429a25e80e37c19d87ed31b
Sha256: 4b1741201668ef2b420b2c6ca02a9acec12b98c5527745229ceb27239a99881d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4367f8-790d-45d9-b749-83fca7bfa1e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10504
x-amzn-requestid: 90168817-32e2-488a-9219-bdc251ae197f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMdMEMwoAMFdYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8ded-705c92761ad4d64457e8c680;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pA8qsyBxj6mXH9X9B9j82-u4WDfYUt7POeUB-KHrTq_Egvqy4bJM-A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:35 GMT
etag: "848c1131fddc851879696767331034e141eafee2"
content-type: image/jpeg
age: 18837
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10504
Md5:    b2c2899149c79a1b7a4bc3122a91f0b2
Sha1:   848c1131fddc851879696767331034e141eafee2
Sha256: b17dcf4444715ae1f716441b8a25fb2cf5356b2dc059a77a4665c19fc3459ae2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7ee7a08-356c-4c63-bdb4-9e1927d27091.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7820
x-amzn-requestid: c5a5a629-6a89-4b1b-ba1f-5d5969177bc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEvFnEIAMF0Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d51-0ec3942c69a1b4be00209980;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eiwhDqE7a1hggz3h-PAWE_5FkXHN7rrjCzF9X73DifFs5TdO-tAmwQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:58:47 GMT
age: 18165
etag: "4a71016db1dacf44b5a33543f48cf952143c43ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7820
Md5:    256e12f553c7b4624aef1dc17ca401e5
Sha1:   4a71016db1dacf44b5a33543f48cf952143c43ab
Sha256: 90b262e51d8d4d85728a5d58f9401a6ff81a93bd45430b6dd02990d62db7d1be
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa26223bd-d704-4f37-9bda-4a67147d87f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7022
x-amzn-requestid: a4b2e422-88b5-406a-9e4d-40f5cf5cbdb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb9HouoAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-08e066b803cf639d6dc69fe7;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hCi-KrTW8WV29cRt4s46po6kaTKYMb18-JSCEGbgoIbYu9tdEkJ-rw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:58:37 GMT
etag: "de125f4ffd1f967c1557f082c41477891630539c"
content-type: image/jpeg
age: 18175
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7022
Md5:    f8ee35182a507e89b787ac718a80508c
Sha1:   de125f4ffd1f967c1557f082c41477891630539c
Sha256: 8def080600f8b45c3683dfb91586c9b03bf3fbb07437e9ab9dad816909cc3021
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60c16ee3-3a39-4ec1-8e5b-b1410576255d.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10858
x-amzn-requestid: f52ea3bb-2b14-4316-b1ea-25883320d73e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEqHPoIAMFd8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d50-5d5190d20756dba80d5bdc58;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 91aj3ZyKfmVEtsdnYZ9Jxxxj3lhprXSIJBF12cC2jNzU-xL2iHMlwg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:58:37 GMT
age: 18175
etag: "41e1d42e206d3214a51e63770e9cd6cc0becbb24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10858
Md5:    afba830dc75735a2d3d2ddbc552122cf
Sha1:   41e1d42e206d3214a51e63770e9cd6cc0becbb24
Sha256: d3d4aefde36e4bc2d5369e0ce485c5e732a115055291c06d8c9a3db3beca8887
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2e82c42-fd94-454a-912f-56867d09ec8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7007
x-amzn-requestid: f82ea4ee-a0dd-484b-8d07-7cc98b4f3345
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb8FGzIAMFzJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-4fc058516eb94d393a3bfd64;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vMBgynj5-az3NTLcvmLHPEitqn3dhouad7LLZY6NkcmWstbQdrJ4_Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:46:20 GMT
age: 18912
etag: "671abe46bc15fe88431e40416df266331a65f849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7007
Md5:    1ed454c7b6a969da4f12c5dc57b0117e
Sha1:   671abe46bc15fe88431e40416df266331a65f849
Sha256: eb2cd92f0994a7bfea8151ce716bce18aa1bbbeca7ca66a786c09c3dff8a41e7
                                        
                                            GET /upload/news/20150703/115321.jpg_155x116.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 03 Jul 2015 03:53:44 GMT
Accept-Ranges: bytes
ETag: "9489bddb43b5d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 4234


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 155x116, components 3\012- data
Size:   4234
Md5:    63c15fd3c5e2ad4f70d61f4528a8bdf2
Sha1:   4062f392ce5ee92c0c804f431dd5390b93881bc7
Sha256: 22dba6dcbee89f6632545ebf3116b543f123273353b22b60035f6f6aa5b12188
                                        
                                            GET /upload/news/20140530/100150.jpg_155x116.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Sat, 13 Dec 2014 14:07:50 GMT
Accept-Ranges: bytes
ETag: "d8052ede16d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 3984


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 155x116, components 3\012- data
Size:   3984
Md5:    2e89b714b47115dededaedd5f7101c3d
Sha1:   789a5d379342718d60ce0085aba184bc72c325c5
Sha256: 3e743a6531f9ec512388b1cb1e5c88ca1fc9735a7eac480c2e926f1b2dcba16b
                                        
                                            GET /upload/news/20191107/103100.jpg_120x102.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 07 Nov 2019 02:32:33 GMT
Accept-Ranges: bytes
ETag: "94fb3a9c1395d51:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 4034


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x102, components 3\012- data
Size:   4034
Md5:    f0d85bda5b9d7dc0b634b925890d23b9
Sha1:   00846ed1f8eceeac58a63c0e3bdeb38456e35dad
Sha256: 377bd7e9367cff2346546bb782ea6e8428bb749931912af03005e29ec9d82731
                                        
                                            GET /upload/news/20150703/114302.jpg_155x116.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 03 Jul 2015 03:53:44 GMT
Accept-Ranges: bytes
ETag: "a3acedb43b5d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 5193


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 155x116, components 3\012- data
Size:   5193
Md5:    8a8ea876d2ae974424ad0a6f8b9b0d0c
Sha1:   11cb4476e80d070933b1dad42d2851d377f1aaeb
Sha256: 4a3c4a3ae71fafae12097772b62b7faf6a2646435531343d3a7c94e32b9a8444
                                        
                                            GET /upload/news/20150703/114815.jpg_155x116.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 03 Jul 2015 03:53:44 GMT
Accept-Ranges: bytes
ETag: "9489bddb43b5d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 6329


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 155x116, components 3\012- data
Size:   6329
Md5:    bdaa47fc37c9a3cb6824665df35c4d01
Sha1:   d754a9083a2fd4ef187c14e010ea8dca0e967fbe
Sha256: 9ec340d932165447ff7cc610ad515a56d83de6e17bdd32ae5f9ff0293750168f
                                        
                                            GET /upload/news/20210205/035130.png_120x102.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Fri, 05 Feb 2021 07:53:11 GMT
Accept-Ranges: bytes
ETag: "10bd85f393fbd61:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 24868


--- Additional Info ---
Magic:  PNG image data, 120 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   24868
Md5:    026b1c6a29c0212489d8a92583d22186
Sha1:   eb5fcec10fed70c599185b618bebe499b6b0168b
Sha256: f815cbd7e28b576c8ddfb1f53a614ce10b54355c2a9f2eac260677463944c8cd
                                        
                                            GET /upload/news/20220330/022409.jpg_120x102.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Wed, 30 Mar 2022 07:16:28 GMT
Accept-Ranges: bytes
ETag: "259b313644d81:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 3133


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x102, components 3\012- data
Size:   3133
Md5:    c37cde974b704f35a938a1866591a752
Sha1:   9266445b24fef427530b75e4a61b4db1957285f9
Sha256: 92416a31e128bd46c4364d49ed1b9cf4dd94bef8dbf2c1cf3fd13731e4aeee4f
                                        
                                            GET /upload/news/20150527/063515.jpg_120x80.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Tue, 26 May 2015 22:50:57 GMT
Accept-Ranges: bytes
ETag: "58f9a76d698d01:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 3467


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 120x80, components 3\012- data
Size:   3467
Md5:    ee323092102519f777785a7a02f704a3
Sha1:   cebaf40b3ed1a51af3e23df4a3543356f74465dd
Sha256: 29905a0e1e2d850e716f07c86e2e18f16567cb0100cacfe8f76c253c4444c7c8
                                        
                                            GET /upload/ad/080025.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Sat, 18 Sep 2021 12:00:25 GMT
Accept-Ranges: bytes
ETag: "676f32c484acd71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:16 GMT
Content-Length: 101892


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1000x90, components 3\012- data
Size:   101892
Md5:    0417be0e3c1c1a9ee41e9805c6bd08a0
Sha1:   d2baa66e0381d2e076aa0a28a56eb895f729aaea
Sha256: 86d6c9cc5e7e3eb1c6e9e0977182445500c474080cade4dbb8a0f6d40acc04ff
                                        
                                            GET /upload/news/20210714/092928.png_120x102.jpg HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Wed, 14 Jul 2021 02:49:12 GMT
Accept-Ranges: bytes
ETag: "3041ffd35a78d71:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:18 GMT
Content-Length: 24562


--- Additional Info ---
Magic:  PNG image data, 120 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   24562
Md5:    11c12da0f4920ff943e2c84997b42ad0
Sha1:   39c9b874d6dd3a63ea9662e9d3d5c4fbe059103d
Sha256: a4ca03f90962621bda225a209616aca9b91046d949cd116480b4a24dd6037c2b
                                        
                                            GET /skins/images/logo.png HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Mon, 14 Oct 2013 05:21:40 GMT
Accept-Ranges: bytes
ETag: "d88b45439dc8ce1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:18 GMT
Content-Length: 8541


--- Additional Info ---
Magic:  PNG image data, 162 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size:   8541
Md5:    99bcd82e73179010b4afcde355514e3c
Sha1:   fd8074562f9d80e4e2df1a8b8e24368ea3e3aeac
Sha256: fcb049a1fa458db78dbf28cbf964639cba3a19fb36b0aad16b5adfa1af3e1c0e
                                        
                                            GET /skins/images/favicon.ico HTTP/1.1 
Host: db3c.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://db3c.cn/difangxinwen/11395.html
Cookie: event11395=true; ASP.NET_SessionId=1lfhxy55gkhn3zzpgx3pg1yv

                                         
                                         218.25.89.208
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 06 Aug 2022 03:01:19 GMT
Content-Length: 1163


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Size:   1163
Md5:    8363acaeab9cbb099b59b78a44127ca6
Sha1:   aef448ce5500e3734059ec285cf6ec0b547075f2
Sha256: 9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a