r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4204
Expires: Mon, 28 Nov 2022 05:52:48 GMT
Date: Mon, 28 Nov 2022 04:42:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2260
Cache-Control: max-age=109569
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:42:44 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:08:53 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 04:19:31 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1393
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6869
Expires: Mon, 28 Nov 2022 06:37:13 GMT
Date: Mon, 28 Nov 2022 04:42:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RrbG4zuI/0TOuLG1vzNy2bzEWnCGludbbKpGAnqQwsiyhzhQnIAPlu/s4PWImC2LqvlrUAjtDnk=
x-amz-request-id: 7C73XB1FR51QSSFV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:44:53 GMT
age: 3471
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:42:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wwg1oik.eswpu.com/
156.226.208.179 200 OK 14 kB IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (37331), with no line terminators
Hash 6ddc62f5bbac98d7edefcf75dfa8b207
b7700a4bbaee164c0d26e08ad8ad30ca8e9ff53b
d892f0bf9cdd349e56b51584cbe879fc1fddc24eee744bed0e3d5a46e038efc8
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 04:08:55 GMT
cache-control: public,max-age=3600
age: 2030
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4527
Cache-Control: max-age=106774
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:42:45 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:22:19 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
wwg1oik.eswpu.com/static/css/home.css
156.226.208.179 200 OK 5.8 kB URL HTTP/1.1 wwg1oik.eswpu.com/static/css/home.css
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type Unicode text, UTF-8 text, with very long lines (310)
Hash 450fb016075d2231047a4d127c2f1e41
bf8f539abbbff7c9d222cc450c94485102aec7b8
ba0f7991b02b9a60fa5635e68553a6c3d4db6229b6c398c72c7a2d191833bd7f
GET /static/css/home.css HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: text/css
Last-Modified: Sat, 20 Feb 2021 12:05:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6030fb1e-5337"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wwg1oik.eswpu.com/template/web/css/style.css
156.226.208.179 200 OK 2.9 kB URL HTTP/1.1 wwg1oik.eswpu.com/template/web/css/style.css
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type assembler source, Unicode text, UTF-8 text
Hash c293f5ae806e917220660aaae4dd894e
2f70468cb96e3b0fb2287a2d9cf904088fac444d
f0b2ffa3ed29276ba9636c67cc2b2c863f86f9f5c7ae5374b7ca4afca37d2759
GET /template/web/css/style.css HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: text/css
Last-Modified: Sun, 05 Jan 2020 06:54:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e118826-27e4"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
sdk.51.la/js-sdk-pro.min.js
47.253.50.2 200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
td.easysavemore.com/Ional/puterR/butterfly/r30UpgDTsU7StkoNErEkcfe
103.172.111.246 301 Moved Permanently 0 B URL HTTP/1.1 td.easysavemore.com/Ional/puterR/butterfly/r30UpgDTsU7StkoNErEkcfe
IP 103.172.111.246:0
ASN #209242 Cloudflare London, LLC
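Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty, 0-byte body; these values identify no content and are not usable as indicators for this response.)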
GET /Ional/puterR/butterfly/r30UpgDTsU7StkoNErEkcfe HTTP/1.1
Host: td.easysavemore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 04:42:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 28 Nov 2022 05:42:45 GMT
Location: https://td.easysavemore.com/Ional/puterR/butterfly/r30UpgDTsU7StkoNErEkcfe
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070536c1b0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wwg1oik.eswpu.com/static/js/jquery.autocomplete.js
156.226.208.179 200 OK 6.3 kB URL HTTP/1.1 wwg1oik.eswpu.com/static/js/jquery.autocomplete.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text
Hash 017ab50786774a4a7fae3a5bc3d7ffbd
e49fa45c10bf04810f6fceb896c35042c88417f6
fd1ec0a20c8c5f196840fc9c2e29decf3889f183fa0f566977454d9956e2a4ba
Analyzer Verdict Alert fortinet Malware
GET /static/js/jquery.autocomplete.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 20 Feb 2021 12:05:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6030fb1e-6215"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wwg1oik.eswpu.com/template/web/js/jquery.superslide.js
156.226.208.179 200 OK 4.3 kB URL HTTP/1.1 wwg1oik.eswpu.com/template/web/js/jquery.superslide.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type Unicode text, UTF-8 text, with very long lines (11467), with CRLF line terminators
Hash a2168ca199c0c2440b6222a1aeccdefc
21ae0ecdd9a262af31e3863cdbd9aa9ae673d822
ef922928f0e6e4345b6cc0bd6bb172f462e2161fafa51dcf9476354f5c5157e2
Analyzer Verdict Alert fortinet Malware
GET /template/web/js/jquery.superslide.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript
Last-Modified: Sun, 05 Jan 2020 07:00:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e1189a6-2ead"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wwg1oik.eswpu.com/template/web/js/jquery.lazyload.js
156.226.208.179 200 OK 1.0 kB URL HTTP/1.1 wwg1oik.eswpu.com/template/web/js/jquery.lazyload.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type ASCII text, with very long lines (1625)
Hash bf2425bba1a58286585a883b427b7e37
c882f6bb9ce1aced0148ae6267212ed2d661b6a4
db4d5d319b7298317e8dba72976392f629c829c38c043025bb459272456d6cc9
Analyzer Verdict Alert fortinet Malware
GET /template/web/js/jquery.lazyload.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript
Last-Modified: Mon, 30 Dec 2019 08:37:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e09b738-6bb"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wwg1oik.eswpu.com/template/web/js/jquery.base.js
156.226.208.179 200 OK 2.2 kB URL HTTP/1.1 wwg1oik.eswpu.com/template/web/js/jquery.base.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
Hash e0bc5c26ea7f84a654cd7f3eadded5bc
eb806caf087af4435e03cd5701600d9dcf67f695
da42ceceb9a32cd547126d1d67ef79d7ec1f52cfdcd126a76815945bfa24e8a7
Analyzer Verdict Alert fortinet Malware
GET /template/web/js/jquery.base.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript
Last-Modified: Mon, 30 Dec 2019 08:37:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e09b736-1835"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
wwg1oik.eswpu.com/js/5.js
156.226.208.179 404 Not Found 146 B URL HTTP/1.1 wwg1oik.eswpu.com/js/5.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
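Analyzer Verdict Alert fortinet Malware (raised on a 146-byte 404 error page; presumably keyed on the host or URL rather than this body, so confirm before using the hashes above as indicators)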
GET /js/5.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
wwg1oik.eswpu.com/template/web/js/ll.js
156.226.208.179 200 OK 4.2 kB URL HTTP/1.1 wwg1oik.eswpu.com/template/web/js/ll.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document, ASCII text, with very long lines (7192), with CRLF line terminators
Hash 763d9b138e754cbd453d1613ce36ac37
07b0921fb6479b61380be6fdd7d30bfe20936e4f
3958462ec703c587c583e3df127f5174cc8ac9f58c175a25c2f64b62af480285
Analyzer Verdict Alert fortinet Malware
GET /template/web/js/ll.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 23 Nov 2022 05:36:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637db164-58bf"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
push.services.mozilla.com/
52.43.58.150 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
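Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty, 0-byte body; the WebSocket upgrade response carries no content to hash.)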
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bxSg/6cJOBknCcQQHtHwBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zge7YzFzlv0HdLwcJ/pOwC5kEvU=
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 50d5b3da967e70a5baf5ffbc8bb40681
ece0bd00a3c7469d1f8765417247391c335da5e8
22afdaa552079ef39ce3fae1606170d4238d712f49091c37ede0a3967450eb2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=171742
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:42:45 GMT
Etag: "63843823-116"
Expires: Wed, 30 Nov 2022 04:25:07 GMT
Last-Modified: Mon, 28 Nov 2022 04:25:07 GMT
Server: nginx
Content-Length: 278
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash b7435cb0b0d975c34adf42ba586c0fda
51cfd781e749ab9b5488887386c7c51cb3a95cd7
8b616ab563f6c54b6e76cbc5754a8f57873cd50ef1e1f33402e3e2cc948c2ec8
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 02 Dec 2022 02:26:23 GMT
ETag: "51cfd781e749ab9b5488887386c7c51cb3a95cd7"
Last-Modified: Mon, 28 Nov 2022 02:26:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 497
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070550b9bb4e8-OSL
wwg1oik.eswpu.com/static/js/jquery.lazyload.js
156.226.208.179 200 OK 744 B URL HTTP/1.1 wwg1oik.eswpu.com/static/js/jquery.lazyload.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type ASCII text, with very long lines (2230)
Hash 6348619cde36c75bca818e8ac92837ac
f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
Analyzer Verdict Alert fortinet Malware
GET /static/js/jquery.lazyload.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 20 Feb 2021 12:05:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6030fb1e-8b8"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 50d5b3da967e70a5baf5ffbc8bb40681
ece0bd00a3c7469d1f8765417247391c335da5e8
22afdaa552079ef39ce3fae1606170d4238d712f49091c37ede0a3967450eb2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=171742
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:42:46 GMT
Etag: "63843823-116"
Expires: Wed, 30 Nov 2022 04:25:08 GMT
Last-Modified: Mon, 28 Nov 2022 04:25:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
wwg1oik.eswpu.com/static/js/jquery.js
156.226.208.179 200 OK 37 kB URL HTTP/1.1 wwg1oik.eswpu.com/static/js/jquery.js
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type ASCII text, with very long lines (32089)
Hash ecb5a5b0c520535a5dedef53186c0079
232708f689fd7efa0bef4b61f169f054504bd22a
d220a5333de3774d06aa124d2e7f8cab2310b2780883a1cd49296d0614ab2a9c
Analyzer Verdict Alert fortinet Malware
GET /static/js/jquery.js HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:42:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 20 Feb 2021 12:05:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6030fb1e-169d5"
Expires: Mon, 28 Nov 2022 16:42:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 0bd57f74ca4ebe8b035a63a9e42e3561
b344e2a271ad3e175675aa2e86988db7bb87c179
f58876c1480f9540f2d3c4e7c553c950e4430ad3791e20fc5b52fa4085818e19
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 02 Dec 2022 03:28:12 GMT
ETag: "b344e2a271ad3e175675aa2e86988db7bb87c179"
Last-Modified: Mon, 28 Nov 2022 03:28:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1716
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070582dfcb503-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1222a8ceed356e824cc415d31724e572
8cb1f60d8a844da6de86ed36b00134e441f3f2b9
5016be7f64bcc41aec2db74f3ad673bf7d96b4f69c73eb447cc84f9f92289876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1043
Cache-Control: max-age=93183
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:42:46 GMT
Etag: "63830132-117"
Expires: Tue, 29 Nov 2022 06:35:49 GMT
Last-Modified: Sun, 27 Nov 2022 06:18:26 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash eceb80e0cc6d0bf508d07eb6ca1815cd
59cc8072a5f6f157d18ef32bee9c09bf4bddb504
170807983ebafae8a64338433ed0d1de2e175e39e859cb8cd10b474ea8c05fa8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3434
Cache-Control: max-age=151774
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:42:46 GMT
Etag: "6383dcba-2d7"
Expires: Tue, 29 Nov 2022 22:52:20 GMT
Last-Modified: Sun, 27 Nov 2022 21:55:06 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 727
cbu01.alicdn.com/img/ibank/2019/902/830/12799038209_169375805.jpg
47.246.44.252 200 OK 1.4 MB URL HTTP/2 cbu01.alicdn.com/img/ibank/2019/902/830/12799038209_169375805.jpg
IP 47.246.44.252:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 60\012- data
Size 1.4 MB (1352406 bytes)
Hash e9a79cffcd30986db7bafe3b9ed4a75b
dccc70ba55395d63bc6b5b41e74a7e743dc1400a
1404d71d06f11899929aa4403246b33299b37750cdc8b8d4958fe694bc57647f
GET /img/ibank/2019/902/830/12799038209_169375805.jpg HTTP/1.1
Host: cbu01.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 1352406
date: Fri, 07 Jan 2022 01:12:02 GMT
last-modified: Wed, 31 Mar 2021 18:27:17 GMT
picasso-ret-code: SUCCESS
request-time: 0.648
expires: Sat, 07 Jan 2023 01:12:02 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1641517923
via: cache17.l2de2[0,0,200-0,H], cache6.l2de2[11,0], cache2.se1[0,1,200-0,H], cache1.se1[4,0]
access-control-allow-origin: *
age: 28092643
x-cache: HIT TCP_HIT dirn:11:413461503
x-swift-savetime: Wed, 31 Aug 2022 14:19:08 GMT
x-swift-cachetime: 11098375
timing-allow-origin: *
eagleid: 2ff62c9516696105664201970e
X-Firefox-Spdy: h2
js.users.51.la/21301815.js
103.143.19.103 200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21301815.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash a14a9bff5997c884c9e466ed9a9f98d3
92d495184660f669e71ffac10d3f074c1c9c31a1
00a670b34a8ae6419924b3f3e0dec0b5eeaaa5a63d043b46fb0f10e2d02b17d2
GET /21301815.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=0070ef472f97973341; path=/
Set-Cookie: HWWAFSESTIME=1669610565945; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
p3.douyinpic.com/obj/tos-cn-i-dy/d87e69eb18744eec95f7fb292c345e9f
47.246.44.226 200 OK 350 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/d87e69eb18744eec95f7fb292c345e9f
IP 47.246.44.226:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 90\012- data
Size 350 kB (349704 bytes)
Hash 66a86fdf6ab6e5d6616fed85ac49014a
92b200c247fb7e7aa29484491be51db333b091db
01a605e04ed9978eb6d25f05c8b9f0499843daa82705deb5694f392330b3d36b
GET /obj/tos-cn-i-dy/d87e69eb18744eec95f7fb292c345e9f HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 349704
date: Sat, 26 Nov 2022 17:17:24 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Sat, 26 Nov 2022 11:54:56 GMT
nw-session-id: 2022112619545601017509420920B10D4D7vfhg02dy
nw-session-trace: 2022-11-26T19:54:56.563030126+08:00 40
x-bdcdn-cache-status: TCP_HIT
x-length: 349704
x-powered-by: ImageX
x-response-date: Sat, 26 Nov 2022 19:54:56 GMT
x-tt-logid: 2022112619545601017509420920B10D4D
via: n204-099-014, cache20.l2de2[0,0,206-0,H], cache21.l2de2[2,0], cache21.l2de2[2,0], cache1.se1[0,0,200-0,H], cache1.se1[3,0]
x-request-ip: fdbd:dc01:29:554::77
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-tt-trace-host: 0117c8903926d1b0a8c2fadc09531dd37c883d7081ac5b874596b97e50f66b6e9803e1adbd8e7dc079d3cacd2b738b8a3afe2c218d79a26d0eeb67d739449c1750af170b45b67b006e9e00d9f70b4639bc1a42a6312ceb3c30d78cc651dcd675a3
x-response-lb: image
ali-swift-global-savetime: 1669483044
age: 127522
x-cache: HIT TCP_HIT dirn:2:388492553
x-swift-savetime: Sun, 27 Nov 2022 00:28:53 GMT
x-swift-cachetime: 31510111
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516696105664331991e
X-Firefox-Spdy: h2
td.easysavemore.com/Ional/puterR/butterfly/r30UpgDTsU7StkoNErEkcfe
103.172.111.246 200 OK 4.3 kB URL HTTP/2 td.easysavemore.com/Ional/puterR/butterfly/r30UpgDTsU7StkoNErEkcfe
IP 103.172.111.246:0
ASN #209242 Cloudflare London, LLC
Hash 81eb10895dc38ec7d5a174d0dc5df0df
12a39884d89fdaa6ef5f91fdbd48f86617d437b3
3581e711bc440ff28bb89b23c07cf898edf2397d99404a965b1976c0b7056c50
GET /Ional/puterR/butterfly/r30UpgDTsU7StkoNErEkcfe HTTP/1.1
Host: td.easysavemore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wwg1oik.eswpu.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:42:46 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 28 Nov 2022 04:40:50 GMT
cf-cache-status: EXPIRED
expires: Mon, 28 Nov 2022 08:42:46 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 771070549f0bb4ed-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pic.cnljpic.com/upload/vod/20200526-1/bd56cf4f33700b803045b91eba1be7ac.jpg
23.224.1.43 301 Moved Permanently 162 B URL HTTP/1.1 pic.cnljpic.com/upload/vod/20200526-1/bd56cf4f33700b803045b91eba1be7ac.jpg
IP 23.224.1.43:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /upload/vod/20200526-1/bd56cf4f33700b803045b91eba1be7ac.jpg HTTP/1.1
Host: pic.cnljpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 162
Content-Type: text/html
Date: Mon, 28 Nov 2022 04:42:46 GMT
Location: http://www.lzizy9.com//upload/vod/20200526-1/bd56cf4f33700b803045b91eba1be7ac.jpg
Server: nginx
X-Cache: BYPASS, Status: 301
pic.cnljpic.com/upload/vod/20191206-1/2c9b736dac24c8139b7ed390ea339cc9.jpg
23.224.1.43 301 Moved Permanently 162 B URL HTTP/1.1 pic.cnljpic.com/upload/vod/20191206-1/2c9b736dac24c8139b7ed390ea339cc9.jpg
IP 23.224.1.43:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /upload/vod/20191206-1/2c9b736dac24c8139b7ed390ea339cc9.jpg HTTP/1.1
Host: pic.cnljpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 162
Content-Type: text/html
Date: Mon, 28 Nov 2022 04:42:46 GMT
Location: http://www.lzizy9.com//upload/vod/20191206-1/2c9b736dac24c8139b7ed390ea339cc9.jpg
Server: nginx
X-Cache: BYPASS, Status: 301
pic.cnljpic.com/upload/vod/20190918-1/221ee97d02e9f8d9d957d47d07ba8cae.jpg
23.224.1.43 301 Moved Permanently 162 B URL HTTP/1.1 pic.cnljpic.com/upload/vod/20190918-1/221ee97d02e9f8d9d957d47d07ba8cae.jpg
IP 23.224.1.43:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /upload/vod/20190918-1/221ee97d02e9f8d9d957d47d07ba8cae.jpg HTTP/1.1
Host: pic.cnljpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 162
Content-Type: text/html
Date: Mon, 28 Nov 2022 04:42:46 GMT
Location: http://www.lzizy9.com//upload/vod/20190918-1/221ee97d02e9f8d9d957d47d07ba8cae.jpg
Server: nginx
X-Cache: BYPASS, Status: 301
ljcdn.comtucdncom.com/upload/vod/20220630-1/e3bd5c9657983473fced94a5db857981.jpg
172.247.77.90 200 OK 9.3 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20220630-1/e3bd5c9657983473fced94a5db857981.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash f85f735ab6b5c5141c894fc736c77cb2
c5b84fe0bf9d68abd34c2d2ef84ca20ee61c4133
7d2ed62c84faafa10b19b3bf2facf78a283f33d07eea276251570cc37522bf14
GET /upload/vod/20220630-1/e3bd5c9657983473fced94a5db857981.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 04:44:34 GMT
Content-Type: image/jpeg
Content-Length: 9274
Last-Modified: Wed, 10 Aug 2022 12:09:46 GMT
Connection: keep-alive
ETag: "62f3a00a-243a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/50eadfeb8a11705303976d71be8a6928.jpg
172.67.25.105 200 OK 7.8 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/50eadfeb8a11705303976d71be8a6928.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash ed5d2b1e69389c2a644460a02fbbda47
a201f036bad1bb9329ceadbdb4810a5bf3a6d8fd
502c4ac34928fb13c7e4900f6178598aa83855f7558c69f5b6f787b31b4ae933
GET /upload/vod/20221128-1/50eadfeb8a11705303976d71be8a6928.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 7800
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:19 GMT
ETag: "638405cb-1e78"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070571939b4ee-OSL
pic.cnljpic.com/upload/vod/20200316-1/3bf4793692e0f6b1899ae163591616f4.jpg
23.224.1.43 301 Moved Permanently 162 B URL HTTP/1.1 pic.cnljpic.com/upload/vod/20200316-1/3bf4793692e0f6b1899ae163591616f4.jpg
IP 23.224.1.43:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /upload/vod/20200316-1/3bf4793692e0f6b1899ae163591616f4.jpg HTTP/1.1
Host: pic.cnljpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 162
Content-Type: text/html
Date: Mon, 28 Nov 2022 04:42:46 GMT
Location: http://www.lzizy9.com//upload/vod/20200316-1/3bf4793692e0f6b1899ae163591616f4.jpg
Server: nginx
X-Cache: BYPASS, Status: 301
pic.cnljpic.com/upload/vod/20190806-1/f827e82ceaafa509b78ba824486566e6.jpg
23.224.1.43 301 Moved Permanently 162 B URL HTTP/1.1 pic.cnljpic.com/upload/vod/20190806-1/f827e82ceaafa509b78ba824486566e6.jpg
IP 23.224.1.43:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /upload/vod/20190806-1/f827e82ceaafa509b78ba824486566e6.jpg HTTP/1.1
Host: pic.cnljpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 162
Content-Type: text/html
Date: Mon, 28 Nov 2022 04:42:46 GMT
Location: http://www.lzizy9.com//upload/vod/20190806-1/f827e82ceaafa509b78ba824486566e6.jpg
Server: nginx
X-Cache: BYPASS, Status: 301
pic.cnljpic.com/upload/vod/20200511-1/ff5a0a28bfb7b526ef27a998222f4cdb.jpg
23.224.1.43 301 Moved Permanently 162 B URL HTTP/1.1 pic.cnljpic.com/upload/vod/20200511-1/ff5a0a28bfb7b526ef27a998222f4cdb.jpg
IP 23.224.1.43:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /upload/vod/20200511-1/ff5a0a28bfb7b526ef27a998222f4cdb.jpg HTTP/1.1
Host: pic.cnljpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 162
Content-Type: text/html
Date: Mon, 28 Nov 2022 04:42:46 GMT
Location: http://www.lzizy9.com//upload/vod/20200511-1/ff5a0a28bfb7b526ef27a998222f4cdb.jpg
Server: nginx
X-Cache: BYPASS, Status: 301
ljcdn.comtucdncom.com/upload/vod/20220723-1/193670d4460c224d0540e1c806954f8c.jpg
172.247.77.90 200 OK 8.2 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20220723-1/193670d4460c224d0540e1c806954f8c.jpg
IP 172.247.77.90:0
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 9f019c62a3cf97811383886bdee0584a
bf32da697259b6cf5988432a494964f845ef9ca0
2c6aad0b6cd9504b5deaf802ed99700f4a357517cf9d4def39e71d5c179a3f8c
GET /upload/vod/20220723-1/193670d4460c224d0540e1c806954f8c.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 04:44:34 GMT
Content-Type: image/jpeg
Content-Length: 8184
Last-Modified: Wed, 10 Aug 2022 12:10:37 GMT
Connection: keep-alive
ETag: "62f3a03d-1ff8"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/b29d1cd0a0dfc1a5d386b20317e0597e.jpg
172.67.25.105 200 OK 9.2 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/b29d1cd0a0dfc1a5d386b20317e0597e.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash eaafc4df9f55d31530992805e8750989
1c7db1cb81c59d60e95468b382fed52e5f1c3124
75fb648361b05253d8df047d47227946edcac4ab0613c1518510cec1c0ffbad7
GET /upload/vod/20221128-1/b29d1cd0a0dfc1a5d386b20317e0597e.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 9224
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:21 GMT
ETag: "638405cd-2408"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7710705728ddb4f9-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/bf4cc9e5007d9960379ebbfdf7eaa627.jpg
172.67.25.105 200 OK 12 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/bf4cc9e5007d9960379ebbfdf7eaa627.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 627a4b8d3ff580d163d9deb62400d52c
2d49c4e527c5b1246383442df4228c72e39fab6e
08c7f74e1747fb3d43eeeedda00434cdc75bd7620de59e3332c922f72f918532
GET /upload/vod/20221128-1/bf4cc9e5007d9960379ebbfdf7eaa627.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 11719
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:19 GMT
ETag: "638405cb-2dc7"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7710705719c1fab8-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/9965f52c7db35e750d992459d41a9197.jpg
172.67.25.105 200 OK 8.6 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/9965f52c7db35e750d992459d41a9197.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 02eee9fa3ba8d169c8e4754de357490e
4c382ea8af08ec536ab0901fd54e3287843c1a08
dcf80cf8b86b309d5c8afa4e027ad462634d8b025a57fce4abfd175d62901c78
GET /upload/vod/20221128-1/9965f52c7db35e750d992459d41a9197.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 8582
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:20 GMT
ETag: "638405cc-2186"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070571e12b52d-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/3054845578eb4026852c149774ff1747.jpg
172.67.25.105 200 OK 9.5 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/3054845578eb4026852c149774ff1747.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 90faa625231e9bd3a2a18a87536fcf71
a70dd0c1816063c34b47a651030b9b9f7e7e1a4c
22b8166a0f6bcc4457795c435d84aa27b1c26349e7b24621b1af2411dd77df22
GET /upload/vod/20221128-1/3054845578eb4026852c149774ff1747.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 9523
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:21 GMT
ETag: "638405cd-2533"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070571c241c0e-OSL
td.easysavemore.com/Ional/puterD/butterfly/w0kZpGxKhbqztAuALawbBMj
103.172.111.246 301 Moved Permanently 0 B URL HTTP/1.1 td.easysavemore.com/Ional/puterD/butterfly/w0kZpGxKhbqztAuALawbBMj
IP 103.172.111.246:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Ional/puterD/butterfly/w0kZpGxKhbqztAuALawbBMj HTTP/1.1
Host: td.easysavemore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 04:42:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 28 Nov 2022 05:42:46 GMT
Location: https://td.easysavemore.com/Ional/puterD/butterfly/w0kZpGxKhbqztAuALawbBMj
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070595de30b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash cbf18f3e8bbfd238a18e48737a1b0d49
652f9c2cbf80914c24179f547167889e04b6978c
556e937c0298713280970e46db8fb3bf923aad94b68255e9af9e77a7cdc74d77
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 05:19:18 GMT
Expires: Sun, 04 Dec 2022 05:19:17 GMT
Etag: "652f9c2cbf80914c24179f547167889e04b6978c"
Cache-Control: max-age=519990,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771070599b8fb51d-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 151c37b3e1fe550582cb73f54038172d
28ec27c2e5020e591eea2b9af6918075a74f35ef
2c4368742734a7480d4e360b16f2c4563385361de80ba60f23c2b602f32ed053
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4368742734A7480D4E360B16F2C4563385361DE80BA60F23C2B602F32ED053"
Last-Modified: Sun, 27 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Mon, 28 Nov 2022 10:42:41 GMT
Date: Mon, 28 Nov 2022 04:42:46 GMT
Connection: keep-alive
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/341d6164265252e50efff7e7103c8b64.jpg
172.67.25.105 200 OK 62 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/341d6164265252e50efff7e7103c8b64.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 800x450, components 3\012- data
Hash 473a77eca659fae2f6ee870671b920f2
3c14779f83c717b8bae4230c2eabc70449d513b3
920f14f2242f612dd1bc65ff96eddc8ce23fe5dad7d7b61ae7937bc49aec0f39
GET /upload/vod/20221128-1/341d6164265252e50efff7e7103c8b64.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 62013
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:55:34 GMT
ETag: "63840706-f23d"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7710705708bab512-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/cd0d1b640b6a4b4984fe5490830fabdf.jpg
172.67.25.105 200 OK 48 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/cd0d1b640b6a4b4984fe5490830fabdf.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f9c504c7763f51f1dc3fb9e5671b804
091d04210e7378c9431b7246d10d14176975a481
741fe3527e055ffd7611d70c0273869c9cc88fe0a2ccc73e7dee4f334ec36ecd
GET /upload/vod/20221128-1/cd0d1b640b6a4b4984fe5490830fabdf.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/webp
Content-Length: 47750
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: qual=85, origFmt=jpeg, origSize=81070
Content-Disposition: inline; filename="cd0d1b640b6a4b4984fe5490830fabdf.webp"
ETag: "63840700-13cae"
Expires: Wed, 28 Dec 2022 02:44:44 GMT
Last-Modified: Mon, 28 Nov 2022 00:55:28 GMT
Vary: Accept
access-control-allow-credentials: : true
CF-Cache-Status: HIT
Age: 6796
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7710705a79e9b512-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/091124de4600cc6daa9841f25ca1dcd7.jpg
172.67.25.105 200 OK 30 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/091124de4600cc6daa9841f25ca1dcd7.jpg
IP 172.67.25.105:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1b9705fad43d2064960ea937420f9581
11cfe10df9d6e5695dff6356cb6e22f1cc6846ab
c4ac9e238d88d5a7016a617a63ad074e84d5a4e4539d3851ee5f2a8db72e70f5
GET /upload/vod/20221128-1/091124de4600cc6daa9841f25ca1dcd7.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/webp
Content-Length: 29822
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Cf-Bgj: imgq:85,h2pri
Cf-Polished: qual=85, origFmt=jpeg, origSize=61066
Content-Disposition: inline; filename="091124de4600cc6daa9841f25ca1dcd7.webp"
ETag: "63840700-ee8a"
Expires: Wed, 28 Dec 2022 02:44:44 GMT
Last-Modified: Mon, 28 Nov 2022 00:55:28 GMT
Vary: Accept
access-control-allow-credentials: : true
CF-Cache-Status: HIT
Age: 6796
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7710705a89f0b512-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c1d04a6ad248f622288f4a8669cef414
e9dfd58ebb881139b4a1506e0371c08cda1c0065
691084ea4d970fba507a8a8b4e962f7df02d07f627af3324e8ab44a46201b380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "691084EA4D970FBA507A8A8B4E962F7DF02D07F627AF3324E8AB44A46201B380"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1985
Expires: Mon, 28 Nov 2022 05:15:51 GMT
Date: Mon, 28 Nov 2022 04:42:46 GMT
Connection: keep-alive
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/67a17b8fa49c065b264838e20597fa10.jpg
172.67.25.105 200 OK 9.5 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/67a17b8fa49c065b264838e20597fa10.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash f57366fe269df6fda0fc45a1c38d2f04
277c45f5446abebb2b081fc3b145f8e99fd29e90
386bb71b42eea4234c4bbe74ee2d507d8cc38748b8c7783c0df03ea55836b210
GET /upload/vod/20221128-1/67a17b8fa49c065b264838e20597fa10.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 9513
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:16 GMT
ETag: "638405c8-2529"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070592a19b4ee-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/2103db075f335b38afa79bdf7ff26edd.jpg
172.67.25.105 200 OK 12 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/2103db075f335b38afa79bdf7ff26edd.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash a62e606ba7f37ea374f23430a96c5bb0
f05186a16ce60b3c5c3732aa4b3780d1b4e073d2
4e83a235862c03710f1a3ef076ca7bc8a169124c1048357e6b2190d49068ceb3
GET /upload/vod/20221128-1/2103db075f335b38afa79bdf7ff26edd.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 12209
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:17 GMT
ETag: "638405c9-2fb1"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7710705939a7b4f9-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c4578d0c30056a45b5209a576ad06411
4dae402b92931050a6ff5b9669c9d36162660770
930e740d475c97c8159ec5d7f35f63f45f88b838dfb314475f18f5fe05d92346
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 22:06:05 GMT
Expires: Sat, 03 Dec 2022 22:06:04 GMT
Etag: "4dae402b92931050a6ff5b9669c9d36162660770"
Cache-Control: max-age=493997,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710705b0f7bb503-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/8c438dd736c79af5b4f84df3b30d773b.jpg
172.67.25.105 200 OK 4.0 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/8c438dd736c79af5b4f84df3b30d773b.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 58a54589a199275f23e693c598f7de5c
c8be093b150c2fbf024d7562498afa3b752ad920
ba211d5bcfb475044409433fa24b159c28db4ec9d7595046d2d03d7f115aee9f
GET /upload/vod/20221128-1/8c438dd736c79af5b4f84df3b30d773b.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 4014
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:18 GMT
ETag: "638405ca-fae"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070595ea8b52d-OSL
ljcdn.pic-726-baidu.com/upload/vod/20221128-1/8b7c33d3796d0eddf98f83b55f041a79.jpg
172.67.25.105 200 OK 9.3 kB URL HTTP/1.1 ljcdn.pic-726-baidu.com/upload/vod/20221128-1/8b7c33d3796d0eddf98f83b55f041a79.jpg
IP 172.67.25.105:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 120x67, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 82ca7a8cd86406e654183e4a8f621373
2a627f2c9a84ab5fc5240b88b48be1d3562bd6b7
67eefe52d10497613e56670a67f570189b888195fb2af866e66aecf33eb45130
GET /upload/vod/20221128-1/8b7c33d3796d0eddf98f83b55f041a79.jpg HTTP/1.1
Host: ljcdn.pic-726-baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:46 GMT
Content-Type: image/jpeg
Content-Length: 9284
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:50:18 GMT
ETag: "638405ca-2444"
Expires: Wed, 28 Dec 2022 04:38:00 GMT
Cache-Control: max-age=31536000
access-control-allow-credentials: : true
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771070595a0dfab8-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12143
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:42:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12143
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:42:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12143
Expires: Mon, 28 Nov 2022 08:05:10 GMT
Date: Mon, 28 Nov 2022 04:42:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71251bd4e19aa0d2be6336e7366f15ff
5c8be4aa5190dc7ae89674a26945bfc9ff240175
fb15afbdd12ab04b3bb2785fb3ebf1f2d82f243b47f1b8c2c8788f7653f8059b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6003
x-amzn-requestid: 55485f7d-70d3-4f00-90fa-6384e53c990a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR79tEt8oAMF8vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f1-7b8a266209a1648724c5ca9d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3edUH9nvxAHeFtJk-vye1QpLXAgSYPo62odg3mPQwE-u-npXeDDdVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:02:13 GMT
age: 24034
etag: "5c8be4aa5190dc7ae89674a26945bfc9ff240175"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 577b69fd08ad8368ea5a94fe41476c1c
9442f111d329f721ddc55100cd246586d8204048
bdafc5068032dcf5e207cf2685a1b9350dbe8d990ba181520ff47889524532f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8517
x-amzn-requestid: 12456791-0e7f-45d7-97ae-d663c8fa841d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvHHLoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-54ed1ec101789247052c9ec8;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nultDXAkaHp6QxGLyEw4fwxN7pWlANJhy8lalSyZuJesPboNe9pFWg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:12:40 GMT
age: 77407
etag: "9442f111d329f721ddc55100cd246586d8204048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -DsRBfO-yxwm29z7mDDNkK69aQb_fpEzVY0vuVUWZrx6-aubx7a3YA==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:39:44 GMT
age: 75783
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ljcdn.comtucdncom.com/upload/vod/20220705-1/7739b522e97d9873e1b718a0f21c154c.jpg
172.247.77.90 200 OK 99 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20220705-1/7739b522e97d9873e1b718a0f21c154c.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x538, components 3\012- data
Hash 0e4b9c71521c93e086dd383335a7d428
cb3b60ae9d17dd5d038414d372474a2f7528822d
d20567fa50ddcdbd7cadcddc277b014e89176ecfc2676d71d4929c9c1b5b64d1
GET /upload/vod/20220705-1/7739b522e97d9873e1b718a0f21c154c.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 04:44:34 GMT
Content-Type: image/jpeg
Content-Length: 186907
Last-Modified: Wed, 10 Aug 2022 12:11:41 GMT
Connection: keep-alive
ETag: "62f3a07d-2da1b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KcI_BV4rZkM-2CmcFI5qkJLT-OOwYQnRNEPXrQJvlNA9A3Da0EzgEA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 24703
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ljcdn.comtucdncom.com/upload/vod/20220717-1/dc53089ca702fcf2cb5875490ff935a0.jpg
172.247.77.90 200 OK 80 kB URL HTTP/1.1 ljcdn.comtucdncom.com/upload/vod/20220717-1/dc53089ca702fcf2cb5875490ff935a0.jpg
IP 172.247.77.90:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x536, components 3\012- data
Hash 83729cd1cb14874d99918b7300a751c7
4165afe89a59828356f5ebf8dc0e507d21101400
96ea735f3ba2295110b6d51d6d79d5416c2b4dbb66ca79ab3fb700c52ee1ce93
GET /upload/vod/20220717-1/dc53089ca702fcf2cb5875490ff935a0.jpg HTTP/1.1
Host: ljcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 28 Nov 2022 04:44:34 GMT
Content-Type: image/jpeg
Content-Length: 173744
Last-Modified: Wed, 10 Aug 2022 12:11:18 GMT
Connection: keep-alive
ETag: "62f3a066-2a6b0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ia.51.la/go1?id=21301815&rt=1669610566099&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1669610566099&tt=&kw=&cu=http%253A%252F%252Fwwg1oik.eswpu.com%252F&pu=
103.143.19.103 200 0 B URL HTTP/1.1 ia.51.la/go1?id=21301815&rt=1669610566099&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1669610566099&tt=&kw=&cu=http%253A%252F%252Fwwg1oik.eswpu.com%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21301815&rt=1669610566099&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1669610566099&tt=&kw=&cu=http%253A%252F%252Fwwg1oik.eswpu.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 200
Server: CloudWAF
Date: Mon, 28 Nov 2022 04:42:47 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=618d7104b5489c642fac; path=/
HWWAFSESTIME=1669610562618; path=/
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 247
Origin: http://wwg1oik.eswpu.com
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
HTTP/1.1 403
Server: CloudWAF
Date: Mon, 28 Nov 2022 04:42:47 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=69cdfdf0ad854e3514f; path=/
HWWAFSESTIME=1669610564232; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://wwg1oik.eswpu.com
Access-Control-Allow-Credentials: true
bjys133.xyz/static/images/11122.gif
173.231.38.211 200 OK 137 kB URL HTTP/2 bjys133.xyz/static/images/11122.gif
IP 173.231.38.211:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 137 kB (137392 bytes)
Hash a112d6f3413ecd31e05d8176fe9d3f6d
0cbef6a405721ffab659ec5bf14d18d5f1f21bc8
38c4f46a93ac52098368b49fff39581bad857c8db0f834146eceef0041ace1d8
GET /static/images/11122.gif HTTP/1.1
Host: bjys133.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:42:46 GMT
content-type: image/gif
content-length: 137392
last-modified: Tue, 31 May 2022 07:06:15 GMT
etag: "6295be67-218b0"
expires: Wed, 28 Dec 2022 04:42:46 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash ea53466b1eb46879a61e7423bb058e8e
50abbcdf700f730d22f3c3d29f4a7c5af7670c3c
dcf7e5c6a5e5ee7d9f57f03ea77f4258327d903034642c83188a31eb3cbb5180
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 01:53:42 GMT
ETag: "50abbcdf700f730d22f3c3d29f4a7c5af7670c3c"
Last-Modified: Mon, 28 Nov 2022 01:53:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 164
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7710705eea69b4e8-OSL
8499174.com/8499/960x120.gif
162.209.128.165 200 OK 487 kB URL HTTP/2 8499174.com/8499/960x120.gif
IP 162.209.128.165:0
File type GIF image data, version 89a, 960 x 120\012- data
Size 487 kB (486580 bytes)
Hash 025ea4d7393db904a62b04d1248d9a65
6333c028655b17e2860b6cd72cf7740e96ef1edb
88a1b2ac6f9746cbced8e0f0b3f33b379d6c88e9e6571b5ffab2305048952928
GET /8499/960x120.gif HTTP/1.1
Host: 8499174.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:42:46 GMT
content-type: image/gif
content-length: 486580
last-modified: Fri, 11 Nov 2022 15:22:36 GMT
etag: "76cb4-5ed3375a500f8"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
xox9226.com/8cf32b216564462fb6f1dfa151d404d7.gif
103.170.15.112 200 OK 639 kB URL HTTP/1.1 xox9226.com/8cf32b216564462fb6f1dfa151d404d7.gif
IP 103.170.15.112:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 80\012- data
Size 639 kB (639253 bytes)
Hash 4283bbe985e9cd511edb56a8ff00bfc1
29a26319f22088c05786378137c7c4a9dc66eebe
36b8b7c0fc6d78fce89048a7e96a53bae5aa4bcc62b7f38c45d5c7662b5294ac
GET /8cf32b216564462fb6f1dfa151d404d7.gif HTTP/1.1
Host: xox9226.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "62c998f6-9c115"
Date: Thu, 20 Oct 2022 14:46:10 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Sat, 09 Jul 2022 15:04:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-42
Content-Length: 639253
wwg1oik.eswpu.com/static/css/favicon.ico
156.226.208.179 404 Not Found 146 B URL HTTP/1.1 wwg1oik.eswpu.com/static/css/favicon.ico
IP 156.226.208.179:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /static/css/favicon.ico HTTP/1.1
Host: wwg1oik.eswpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Cookie: __tins__21301815=%7B%22sid%22%3A%201669610566099%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201669612366099%7D; __51cke__=; __51laig__=1; __vtins__JavXZ9GCjGFRJqTP=%7B%22sid%22%3A%20%2224714d8b-ffaa-5b8e-b2c4-4c2c55a14dcd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201669612366110%2C%20%22ct%22%3A%201669610566110%7D; __51uvsct__JavXZ9GCjGFRJqTP=1; __51vcke__JavXZ9GCjGFRJqTP=b91d6444-3734-5cad-872a-8ca3224b58a3; __51vuft__JavXZ9GCjGFRJqTP=1669610566116
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 28 Nov 2022 04:42:48 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
hm.baidu.com/hm.js?087a518aa9504cbe8f608f6199fd4c16
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?087a518aa9504cbe8f608f6199fd4c16
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash c455a8ec5cab003cda26119259b0b383
cb3ce579b946ab84137be1862869d72c84d08050
1bb26776f21cc8de1917998ec872cca92f316aa03d8e2bf544ae139cd1eff047
GET /hm.js?087a518aa9504cbe8f608f6199fd4c16 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Mon, 28 Nov 2022 04:42:47 GMT
Etag: 0b61c3610c03f0e2cc27a2b2e5820f72
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FEF257D95B83FFAF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=510472220&si=087a518aa9504cbe8f608f6199fd4c16&v=1.3.0&lv=1&sn=40908&r=0&ww=1280&u=http%3A%2F%2Fwwg1oik.eswpu.com%2F
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=510472220&si=087a518aa9504cbe8f608f6199fd4c16&v=1.3.0&lv=1&sn=40908&r=0&ww=1280&u=http%3A%2F%2Fwwg1oik.eswpu.com%2F
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=510472220&si=087a518aa9504cbe8f608f6199fd4c16&v=1.3.0&lv=1&sn=40908&r=0&ww=1280&u=http%3A%2F%2Fwwg1oik.eswpu.com%2F HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 28 Nov 2022 04:42:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=9DEF62D0690E9E40; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash a8b39b5cad58e1cfa410c10d8f4406e2
322ac9cefed6c5a93e837d30cd12fd104378fa21
22f92c09af29d64c46d66fc6f727e2808ab3ba67d42cd2c5129be1268be8c963
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 19:22:50 GMT
Expires: Sat, 03 Dec 2022 19:22:49 GMT
Etag: "322ac9cefed6c5a93e837d30cd12fd104378fa21"
Cache-Control: max-age=484199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710706a79c5b4f9-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash a8b39b5cad58e1cfa410c10d8f4406e2
322ac9cefed6c5a93e837d30cd12fd104378fa21
22f92c09af29d64c46d66fc6f727e2808ab3ba67d42cd2c5129be1268be8c963
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 19:22:50 GMT
Expires: Sat, 03 Dec 2022 19:22:49 GMT
Etag: "322ac9cefed6c5a93e837d30cd12fd104378fa21"
Cache-Control: max-age=484199,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771070697ddab503-OSL
n0322.com/49987d2f0c784374ad776bce98825a08.gif
103.188.121.27 200 OK 875 kB URL HTTP/2 n0322.com/49987d2f0c784374ad776bce98825a08.gif
IP 103.188.121.27:0
File type GIF image data, version 89a, 960 x 100\012- data
Size 875 kB (874799 bytes)
Hash 68b6a500324a2e228aba45a8bd4d38dc
2eaf8499c3c4e9c71c3780d6c72b41a8f87373ef
9c39ce7ae81b8647f01f1e53f10428c12cc2323e898b0eb2e4e679c6c8cf1658
GET /49987d2f0c784374ad776bce98825a08.gif HTTP/1.1
Host: n0322.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
etag: "62531649-d592f"
server: nginx
date: Sat, 29 Oct 2022 11:46:30 GMT
content-type: image/gif
last-modified: Sun, 10 Apr 2022 17:39:21 GMT
accept-ranges: bytes
x-cache: HIT from megai-cdn121-017
content-length: 874799
X-Firefox-Spdy: h2
img.9376x.com/images/6381fe8efbdac46b425ad67e.gif
185.239.226.23 302 Found 0 B URL HTTP/2 img.9376x.com/images/6381fe8efbdac46b425ad67e.gif
IP 185.239.226.23:0
ASN #134835 Starry Network Limited
GET /images/6381fe8efbdac46b425ad67e.gif HTTP/1.1
Host: img.9376x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wwg1oik.eswpu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/d87e69eb18744eec95f7fb292c345e9f
X-Firefox-Spdy: h2